Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Social_slider_widget
(Cm\-Wp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-05-15 | CVE-2024-10149 | The Social Slider Feed WordPress plugin before 2.2.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | Social_slider_widget | N/A | ||
| 2021-04-05 | CVE-2021-24196 | The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘token_error’ parameter can be controlled by users and it is directly echoed without being sanitized | Social_slider_widget | 5.4 |