Vulnerabilities and security researches formislider mislider

Nov 10, 2025

CVE, Research URL: CVE-2025-11992
Home page URL: Security reports for Multi Item Responsive Slider
Application: Multi Item Responsive Slider
Date: Oct 24, 2025
Research Description: The Multi Item Responsive Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'mioptions.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Affected versions: max 1.0.
Status: vulnerable