Serious Slider
Approved changes feed: RSS · Atom
cpe:2.3:a:cryoutcreations:serious_slider:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Cryoutcreations (c1ebf0a6-96cf-5d5b-b43f-d0a9b7946345) |
|---|---|
| Product | Serious Slider (1a2faed4-86ed-5279-a9b4-1983058f6868) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-35762 |
vulnerable | 2026-06-03 14:56:03.005147 |
WordPress Serious Slider plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cryout Creations Serious Slider allows Stored XSS.This issue affects Serious Slider: from n/a through 1.2.4.
Published: 2024-06-21T12:35:55.666Z
Updated: 2026-04-28T16:09:55.056Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11108 |
vulnerable | 2026-06-03 14:54:13.434160 |
Serious Slider < 1.2.7 - Contributor+ Stored XSS via Shortcode
The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Published: 2024-12-20T06:00:04.403Z
Updated: 2024-12-20T16:11:45.944Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.