cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forsliderspack-all-in-one-image-sliders sliderspack-all-in-one-image-sliders

Direction: ascending
Jun 06, 2024

Slider a SlidersPack – Image Slider, Post Slider, ACF Gallery Slider # bc6356e177f864c0ee8ec329d0cba714cdf9cd32

CVE, Research URL

bc6356e177f864c0ee8ec329d0cba714cdf9cd32

Home page URL

Security reports for Slider a SlidersPack – Image Slider, Post Slider, ACF Gallery Slider

Application

Slider a SlidersPack – Image Slider, Post Slider, ACF Gallery Slider

Date
Jul 17, 2023
Research Description
Slider a SlidersPack &#8211; Image Slider, Post Slider, ACF Gallery Slider [sliderspack-all-in-one-image-sliders] < 2.3 WordPress Slider a SlidersPack Plugin <= 2.0.2 is vulnerable to Broken Access Control No patched version is available. No reply from the vendor. Cat discovered and reported this Broken Access Control vulnerability in WordPress Slider a SlidersPack Plugin. This vulnerability has not been known to be fixed yet.
Affected versions
Min -, max -.
Status
vulnerable
Jun 10, 2024

Slider a SlidersPack &#8211; Image Slider, Post Slider, ACF Gallery Slider # CVE-2022-46845

CVE, Research URL

CVE-2022-46845

Home page URL

Security reports for Slider a SlidersPack &#8211; Image Slider, Post Slider, ACF Gallery Slider

Application

Slider a SlidersPack &#8211; Image Slider, Post Slider, ACF Gallery Slider

Date
-
Research Description
The Slider a SlidersPack plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the wp_spaios_save_attachment_data and wp_spaios_get_attachment_edit_form functions in versions up to, and including, 2.0.2. This makes it possible for unauthenticated attackers to modify and retrieve the metadata of an arbitrary WordPress Media Library attachment.
Affected versions
Min -, max -.
Status
vulnerable
Apr 06, 2025

Slider a SlidersPack &#8211; Image Slider, Post Slider, ACF Gallery Slider # CVE-2025-32152

CVE, Research URL

CVE-2025-32152

Home page URL

Security reports for Slider a SlidersPack &#8211; Image Slider, Post Slider, ACF Gallery Slider

Application

Slider a SlidersPack &#8211; Image Slider, Post Slider, ACF Gallery Slider

Date
Apr 04, 2025
Research Description
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Essential Plugins by WP OnlineSupport Slider a SlidersPack allows PHP Local File Inclusion. This issue affects Slider a SlidersPack: from n/a through 2.3.
Affected versions
Min -, max -.
Status
vulnerable