10 matches found
CVE-2025-12713
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-12713
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-12713 Soundslides <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundslides Shortcode
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-12713
CVE-2025-12713 affects the WordPress plugin Soundslides, vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to and including 1.4.2. The issue stems from insufficient input sanitization and output escaping on user-supplied attributes, enabling authenticated ...
PT-2025-48222
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
WordPress Soundslides plugin <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundslides Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via soundslides Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Soundslides versions = 1.4.2...
EUVD-2025-8673
Malicious code in bioql PyPI...
CVE-2025-2249
The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sojsoundslidesoptionssubpanel function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-2249
The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sojsoundslidesoptionssubpanel function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and...
Exploit for CVE-2025-2249
🔐 WordPress SoJ SoundSlides Plugin ⚠️ DISCLAIMER: This ex...