WordPress WP Slider Plugin <= 1.4.5 - Cross-Site Scripting (XSS) vulnerability
Software
WP Slider Plugin
Vulnerable versions
<= 1.4.5
PSID
bbe90e9dc3d2
Classification
Cross Site Scripting (XSS)
OWASP Top 10
A7: Cross-Site Scripting (XSS)
Required privilege
Requires contributor or higher role user authentication.
Publicly disclosed
2022-05-04
Patchstack vPatch available since
09.12.2021
Details
Cross-Site Scripting (XSS) vulnerability was discovered by Ngo Van Thien (Patchstack Alliance) in WordPress WP Slider Plugin (versions <= 1.4.5).
Solution
No patched version is available. No reply from the vendor.
References
CVE-2022-29428
Plugin page