12 matches found
EUVD-2012-4271
Malware in sbrugna...
EUVD-2025-24196
Malicious code in bioql PyPI...
EUVD-2025-25282
Malicious code in bioql PyPI...
CVE-2025-8680
CVE-2025-8680 concerns the WordPress plugin “B Slider – Gutenberg Slider Block for WP” where the vulnerability is a Server-Side Request Forgery (SSRF) in the fs_api_request function. The flaw affects versions up to and including 2.0.0 and requires authentication with at least subscriber-level pri...
CVE-2019-25223 Team Circle Image Slider With Lightbox <= 1.0.4 - Authenticated (Admin+) SQL Injection
The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
PT-2025-7330 · WordPress · Master Slider WordPress Plugin
Name of the Vulnerable Software and Affected Versions: Master Slider WordPress plugin versions prior to 3.10.5. Description: The Master Slider WordPress plugin does not sanitise and escape some of its settings, which could allow high privilege users, such as Editor and above, to perform Stored...
CVE-2024-9582
CVE-2024-9582 : Accordion Slider (WordPress)
CVE-2024-8283 Slider by 10Web < 1.2.59 - Admin+ Stored XSS
The Slider by 10Web WordPress plugin before 1.2.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2023-49852
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection. This issue affects Responsive Slick Slider WordPress: from n/a through 1.4...
CVE-2022-1687
The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lspsliderid parameter before using it in a SQL statement via the Manage Slider Images admin page, leading to an SQL Injection...
CVE-2022-1541
The Video Slider WordPress plugin before 1.4.8 does not sanitize or escape some of its video settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed...
SQL Injection in Huge IT Slider WordPress Plugin
Advisory ID: HTB23250; Product: Huge IT Slider WordPress Plugin; Vendor: Huge-IT; Vulnerable Versions: 2.6.8 and probably prior; Tested Version: 2.6.8; Advisory Publication: February 19, 2015 without technical details; Vendor Notification: February 19, 2015; Vendor Patch: March 11, 2015; Public Disclosur...