GCVE - cpe:2.3:a:awplife:slider_responsive_slideshow:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:awplife:slider_responsive_slideshow:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Awplife (`1de09ac5-fc6f-5a67-a308-19d788c6e8ed`)
Product	Slider Responsive Slideshow (`6f27b5c2-0f4c-59f3-b352-2259f007b7d8`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/awplige/responsive-slider-plugin`	purl2cpe	2026-06-01 10:11:29.166983

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-35722`	vulnerable	2026-06-08 06:39:42.511292	WordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.4.0 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in A WP Life Slider Responsive Slideshow – Image slider, Gallery slideshow.This issue affects Slider Responsive Slideshow – Image slider, Gallery slideshow: from n/a through 1.4.0. Published: 2024-06-10T07:56:45.703Z Updated: 2026-04-28T16:09:54.010Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/slider-responsive-slideshow/wordpress-slider-responsive-slideshow-image-slider-gallery-slideshow-plugin-1-4-0-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-1859`	vulnerable	2026-06-08 06:27:14.734048	Slider Responsive Slideshow – Image slider, Gallery slideshow <= 1.3.8 - Authenticated (Contributor+) PHP Object Injection HIGH (8.8) The Slider Responsive Slideshow – Image slider, Gallery slideshow plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.8 via deserialization of untrusted input to the awl_slider_responsive_shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. Published: 2024-03-01T06:47:51.457Z Updated: 2026-04-08T17:25:33.683Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/d35266cd-41e6-4358-afaa-bc008962f2e1?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3041884%40slider-responsive-slideshow&new=3041884%40slider-responsive-slideshow&sfp_email=&sfph_mail=	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Slider Responsive Slideshow

PURL mappings

Vulnerability references

Contribute