Vulnerabilities and security researches forb-slider b-slider

Aug 12, 2025

CVE, Research URL: CVE-2025-8418
Home page URL: Security reports for B Slider – Slider for your block editor
Application: B Slider – Slider for your block editor
Date: Aug 12, 2025
Research Description: The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary Plugin Installation in all versions up to, and including, 1.1.30. This is due to missing capability checks on the activated_plugin function. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins on the server which can make remote code execution possible.
Affected versions: Min -, max -.
Status: vulnerable

Feb 04, 2025

CVE, Research URL: CVE-2024-13514
Home page URL: Security reports for B Slider – Slider for your block editor
Application: B Slider – Slider for your block editor
Date: Feb 04, 2025
Research Description: The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.5 via the 'bsb-slider' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private posts that they should not have access to.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2024-30432
Home page URL: Security reports for B Slider – Slider for your block editor
Application: B Slider – Slider for your block editor
Date: Mar 29, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Slider - Slider for your block editor allows Stored XSS.This issue affects B Slider - Slider for your block editor: from n/a through 1.1.12.
Affected versions: Min -, max -.
Status: vulnerable