Vulnerabilities and security researches forinstagram-slider-widget instagram-slider-widget
Direction: ascendingJun 07, 2024
Social Slider Feed # CVE-2021-24196
- CVE, Research URL
- Home page URL
- Application
- Date
- Apr 06, 2021
- Research Description
- The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘token_error’ parameter can be controlled by users and it is directly echoed without being sanitized
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Aug 12, 2024
Social Slider Feed # CVE-2024-43215
- CVE, Research URL
- Home page URL
- Application
- Date
- Nov 01, 2024
- Research Description
- Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Slider Feed: from n/a through 2.2.2.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Apr 24, 2025
Social Slider Feed # CVE-2025-0717
- CVE, Research URL
- Home page URL
- Application
- Date
- Mar 25, 2025
- Research Description
- To exploit the vulnerability, it is necessary:
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
May 17, 2025
Social Slider Feed # CVE-2024-10149
- CVE, Research URL
- Home page URL
- Application
- Date
- May 16, 2025
- Research Description
- The Social Slider Feed WordPress plugin before 2.2.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
- Affected versions
-
Min -, max -.
- Status
-
vulnerable