Vulnerabilities and security researches forwoocommerce-products-slider woocommerce-products-slider
Direction: ascendingJun 07, 2024
Product Slider for WooCommerce by PickPlugins # CVE-2023-0166
- CVE, Research URL
- Application
- Date
- Feb 13, 2023
- Research Description
- The Product Slider for WooCommerce by PickPlugins WordPress plugin before 1.13.42 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
- Affected versions
-
max 1.13.42.
- Status
-
vulnerable
Product Slider for WooCommerce by PickPlugins # CVE-2021-24300
- CVE, Research URL
- Application
- Date
- May 24, 2021
- Research Description
- The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue
- Affected versions
-
max 1.13.22.
- Status
-
vulnerable
Sep 16, 2024
Product Slider for WooCommerce by PickPlugins # CVE-2024-45459
- CVE, Research URL
- Application
- Date
- Sep 15, 2024
- Research Description
- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Product Slider for WooCommerce allows Reflected XSS.This issue affects Product Slider for WooCommerce: from n/a through 1.13.50.
- Affected versions
-
max 1.13.51.
- Status
-
vulnerable
Mar 30, 2026
Product Slider for WooCommerce by PickPlugins # CVE-2026-25455
- CVE, Research URL
- Application
- Date
- Mar 25, 2026
- Research Description
- Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through <= 1.13.60.
- Affected versions
-
max 1.13.60.
- Status
-
vulnerable