18 matches found
CVE-2026-1885 Slideshow Wp <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sswp-slide' Shortcode 'sswpid' Attribute
The Slideshow Wp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sswpid' attribute of the 'sswp-slide' shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2026-1885
The CVE-2026-1885 issue affects the WordPress Slideshow Wp plugin (versions up to 1.1). It is a Stored Cross-Site Scripting (XSS) vulnerability via the sswpid attribute of the sswp-slide shortcode, caused by insufficient input sanitization/output escaping. Exploitation requires authenticated acce...
CVE-2023-5413
The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2022-1335
The Slideshow CK WordPress plugin before 1.4.10 does not sanitize and escape Slide's descriptions, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks when unfilteredhtml is disallowed...
WordPress plugin WP Simple Slideshow č·Øē«čę¬ę¼ę“
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Slideshow Gallery Plugin <= 1.8.3 is vulnerable to Cross Site Scripting (XSS)
Software Slideshow Gallery Type Plugin Vulnerable versions = 1.8.3 Fixed in 1.8.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47376 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID da732a2224b9 Credits Hakiduck Required privilege...
WordPress Slideshow SE Plugin <= 2.5.17 is vulnerable to Local File Inclusion
Software Slideshow SE Type Plugin Vulnerable versions = 2.5.17 Fixed in 2.5.18 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-35778 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7958c856162d Credits João Pedro S Alcântara Kinorth...
WordPress Slideshow SE Plugin <= 2.5.20 is vulnerable to Cross Site Scripting (XSS)
Software Slideshow SE Type Plugin Vulnerable versions = 2.5.20 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35769 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5064bdc28526 Credits Steven Julian Required privilege Author...
WordPress Slideshow Gallery Plugin <= 1.7.8 is vulnerable to SQL Injection
Software Slideshow Gallery Type Plugin Vulnerable versions = 1.7.8 Fixed in 1.7.9 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-31355 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 6b8a2fec8ee3 Credits LVT-tholv2k Required privilege Contributor...
WordPress Slideshow Gallery Plugin <= 1.7.8 is vulnerable to Cross Site Request Forgery (CSRF)
Software Slideshow Gallery Type Plugin Vulnerable versions = 1.7.8 Fixed in 1.7.9 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31354 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fa0ba59d923d Credits Ananda Dhakal...
WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Slideshow Gallery Type Plugin Vulnerable versions = 1.7.6 Fixed in 1.7.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-28497 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID e4370ac72e5b Credits Rio Darmawan...
WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to SQL Injection
Software Slideshow Gallery Type Plugin Vulnerable versions = 1.7.6 Fixed in 1.7.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-28491 Patch priority Low CVSS severity Low 6.7 Developer Claim ownership PSID 9644393e25c7 Credits minhtuanact Required privilege Administrator...
WordPress plugin Slideshow CK č·Øē«čę¬ę¼ę“
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin. cross-site scripting...
WordPress plugin Slideshow č·Øē«čę¬ę¼ę“
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. WordPress Slideshow plugin 2.3.1 and earlier versions have a cross-site scripting vulnerability...
WordPress Slideshow plugin <= 2.3.1 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting XSS vulnerability discovered by FayƧal CHENA in WordPress Slideshow plugin versions = 2.3.1. Solution Deactivate and delete. This plugin has been closed as of April 11, 2022 and is not available for download. This closure is temporary, pending a full review...
WordPress Slideshow Gallery Plugin < 1.6.9 Multiple Vulnerabilities
The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...
WordPress Slideshow Gallery 1.4.6 Shell Upload
!/usr/bin/env python WordPress Slideshow Gallery 1.4.6 Shell Upload Exploit WordPress Slideshow Gallery plugin version 1.4.6 suffers from a remote shell upload vulnerability CVE-2014-5460 Vulnerability discovered by: Jesus Ramirez Pichardo - http://whitexploit.blogspot.mx/ Exploit written by:...
WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability
No description provided by source. Summary: WordPress Slideshow Gallery plugin version 1.4.6 suffers from a remote shell upload vulnerability. Found by: Jesus Ramirez Pichardo @whitexploit http://whitexploit.blogspot.mx/ Date: 2014-08-28 Vendor Homepage: http://tribulant.com/ Software: Slideshow...