Vulnerabilities and security researches forsoliloquy-lite soliloquy-lite

Jun 06, 2024

CVE, Research URL: d8276eb02654b7447accdf21d75754f13b40c842
Home page URL: Security reports for Slider by Soliloquy – Responsive Image Slider for WordPress
Application: Slider by Soliloquy – Responsive Image Slider for WordPress
Date: -
Research Description: Slider by Soliloquy – Responsive Image Slider for WordPress [soliloquy-lite] < 2.7.3 WordPress Slider by Soliloquy Plugin <= 2.7.2 is vulnerable to Broken Access Control Update the WordPress Slider by Soliloquy plugin to the latest available version (at least 2.7.3). Abdi Pranata discovered and reported this Broken Access Control vulnerability in WordPress Slider by Soliloquy Plugin. A broken access control issue refers to a missing authorization, authentication or nonce token check in a function that could lead to an unprivileged user to executing a certain higher privileged action. This vulnerability has been fixed in version 2.7.3. Have additional information or questions about this entry? Get in touch.
Affected versions: max 2.7.3.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-51519
Home page URL: Security reports for Slider by Soliloquy – Responsive Image Slider for WordPress
Application: Slider by Soliloquy – Responsive Image Slider for WordPress
Date: Jun 11, 2024
Research Description: Missing Authorization vulnerability in Soliloquy Team Slider by Soliloquy.This issue affects Slider by Soliloquy: from n/a through 2.7.2.
Affected versions: max 2.7.3.
Status: vulnerable

Aug 11, 2024

CVE, Research URL: CVE-2024-35775
Home page URL: Security reports for Slider by Soliloquy – Responsive Image Slider for WordPress
Application: Slider by Soliloquy – Responsive Image Slider for WordPress
Date: Aug 13, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Authentication vulnerability in Soliloquy Team Slider by Soliloquy allows Cross-Site Scripting (XSS).This issue affects Slider by Soliloquy: from n/a through 2.7.6.
Affected versions: max 2.7.7.
Status: vulnerable

May 12, 2026

CVE, Research URL: CVE-2021-47922
Home page URL: Security reports for Slider by Soliloquy – Responsive Image Slider for WordPress
Application: Slider by Soliloquy – Responsive Image Slider for WordPress
Date: May 10, 2026
Research Description: Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScript payloads in the title field when creating or editing sliders, which executes in the browsers of users viewing the slider on both administrative and frontend pages.
Affected versions: max 2.6.2.
Status: vulnerable