Lucene search
K
10webSlider

9 matches found

CVE
CVE
added 2024/04/18 9:30 a.m.96 views

CVE-2024-32578

Technical details for CVE-2024-32578 are not publicly provided in the supplied documents. The initial description notes a reflected XSS in 10Web Slider, but there are no connected documents with affected versions, exploitation vectors, remediation steps, or verification data.

7.1CVSS5.2AI score0.00522EPSS
CVE
CVE
added 2022/12/26 12:28 p.m.71 views

CVE-2022-4197

The CVE-2022-4197 issue affects the Sliderby10Web WordPress plugin (versions prior to 1.2.53). It does not sanitize and escape some settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in multisite setups). The vulnerability is asso...

4.8CVSS4.7AI score0.00532EPSS
CVE
CVE
added 2024/08/08 5:31 a.m.66 views

CVE-2024-7150

The CVE-2024-7150 entry concerns Slider by 10Web – Responsive Image Slider for WordPress. Affected: all versions up to 1.2.57. Root cause: time-based SQL Injection due to insufficient escaping of the id parameter and lack of proper query preparation. Impact: authenticated attackers with Contribut...

8.8CVSS8.7AI score0.00568EPSS
CVE
CVE
added 2024/07/11 6:0 a.m.64 views

CVE-2024-6026

The CVE-2024-6026 issue affects the Slider by 10Web WordPress plugin prior to version 1.2.56. The vulnerability arises from insufficient sanitisation/escaping of certain Slide options, allowing authenticated users with access to the Sliders (default Administrator, configurable) who can add images...

6.1CVSS5.4AI score0.00375EPSS
CVE
CVE
added 2024/07/31 6:0 a.m.63 views

CVE-2024-6408

CVE-2024-6408 affects the Slider by 10Web WordPress plugin, prior to version 1.2.57. The flaw is an insufficient sanitization/escaping of the Slider Title, enabling Cross‑Site Scripting by high‑privilege users (e.g., Editors) even when unfiltered_html is disallowed. Red Hat confirms the issue tex...

5.4CVSS5.7AI score0.00391EPSS
CVE
CVE
added 2021/03/18 2:57 p.m.62 views

CVE-2021-24132

CVE-2021-24132 affects the WordPress plugin Slider by 10Web up to version 1.2.35; version 1.2.36 fixes it. The root cause is a SQL Injection in the plugin’s admin endpoints (bulk_action, export_full, save_slider_db) exploitable by an authenticated user (Admin or certain Contributor+ roles when en...

8.8CVSS8.8AI score0.02586EPSS
Web
CVE
CVE
added 2025/03/25 6:0 a.m.62 views

CVE-2024-10566

CVE-2024-10566 affects Slider by 10Web (WordPress plugin) prior to version 1.2.62. The vulnerability arises from improper sanitization/escaping of certain plugin settings, enabling a stored XSS condition that could be triggered by high-privilege users (e.g., admins) even when unfiltered_html is d...

6.1CVSS5.8AI score0.00313EPSS
CVE
CVE
added 2025/03/25 6:0 a.m.61 views

CVE-2024-10565

CVE-2024-10565 affects the Slider by 10Web WordPress plugin. The issue arises because the plugin does not sanitize or escape certain settings, enabling a high-privilege user (e.g., an admin) to perform a Stored XSS attack, even when unfiltered_html is disallowed (such as in multisite). The vulner...

6.1CVSS5.8AI score0.00313EPSS
CVE
CVE
added 2024/09/30 6:0 a.m.59 views

CVE-2024-8283

CVE-2024-8283 concerns The Slider by 10Web WordPress plugin (versions

4.8CVSS4.9AI score0.00375EPSS