Wp Slider Security Vulnerabilities - November

CVE-2022-28612

Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress.

CVE-2022-29428

Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress.

CVE-2023-23671

Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.

CVE-2023-23795

Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Form Builder plugin <= 1.9.9.0 versions.

CVE-2023-23796

Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0.

CVE-2023-23798

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.

CVE-2023-47228

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.