cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forpost-slider-and-carousel post-slider-and-carousel

Direction: ascending
Jun 06, 2024

Post Slider and Post Carousel with Post Vertical Scrolling Widget – A Responsive Post Slider # 7b1fea40d51201345f855cbfaf9768448ffa0088

CVE, Research URL

7b1fea40d51201345f855cbfaf9768448ffa0088

Home page URL

Security reports for Post Slider and Post Carousel with Post Vertical Scrolling Widget – A Responsive Post Slider

Application

Post Slider and Post Carousel with Post Vertical Scrolling Widget – A Responsive Post Slider

Date
Feb 28, 2022
Research Description
Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider [post-slider-and-carousel] < 2.1.2 WordPress Post Slider and Carousel with Widget – A Responsive Post Slider plugin < 2.1.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Post Slider and Carousel with Widget – A Responsive Post Slider plugin (versions < 2.1.2).
Affected versions
Min -, max -.
Status
vulnerable
Nov 15, 2024

Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider # CVE-2022-4974

CVE, Research URL

CVE-2022-4974

Home page URL

Security reports for Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider

Application

Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider

Date
Oct 16, 2024
Research Description
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions
Min -, max -.
Status
vulnerable
Jun 06, 2025

Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider # CVE-2025-4567

CVE, Research URL

CVE-2025-4567

Home page URL

Security reports for Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider

Application

Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider

Date
Jun 03, 2025
Research Description
The Post Slider and Post Carousel with Post Vertical Scrolling Widget WordPress plugin before 3.2.10 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Affected versions
Min -, max -.
Status
vulnerable