cleantalk
Vulnerabilities and Security Researches

B Slider – Slider for your block editor, CVE-2024-13514

CVE, Research URL

CVE-2024-13514

Home page URL

Security reports for B Slider – Slider for your block editor

Application

B Slider – Slider for your block editor

Published on
Feb 04, 2025
Research Description
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.5 via the 'bsb-slider' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private posts that they should not have access to.
Affected versions
Min -, max 1.1.24.
Status
vulnerable
Previous vulnerability researches
Kings Tab Slider (CVE-2024-51932) , Nov 12, 2024
B Slider – Slider for your block editor (CVE-2024-13514) , Feb 04, 2025
B Slider – Slider for your block editor (CVE-2025-8418) , Aug 12, 2025
B Slider – Slider for your block editor (CVE-2024-30432) , Jun 07, 2024
New vulnerability
Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler (CVE-2025-54028) , Aug 13, 2025
Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks (CVE-2025-54007) , Aug 13, 2025
WooCommerce Purchase Orders (CVE-2025-5391) , Aug 13, 2025
RentSyst – CRM solution for fleet management (CVE-2025-48152) , Aug 12, 2025
Mosaic Generator (CVE-2025-8621) , Aug 12, 2025