cleantalk
Vulnerabilities and Security Researches

Serious Slider, CVE-2024-11108

CVE, Research URL

CVE-2024-11108

Home page URL

Security reports for Serious Slider

Application

Serious Slider

Published on
Dec 20, 2024
Research Description
The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Affected versions
max 1.2.7.
Status
vulnerable
Previous vulnerability researches
Serious Slider (CVE-2026-25399) , Feb 28, 2026
Serious Slider (CVE-2024-11108) , Dec 22, 2024
Serious Slider (CVE-2024-33650) , Jun 07, 2024
Serious Slider (CVE-2024-35762) , Jun 21, 2024
New vulnerability
Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form (CVE-2026-25418) , Feb 28, 2026
Image Photo Gallery Final Tiles Grid (CVE-2026-25375) , Feb 28, 2026
Share This Image (CVE-2026-25010) , Feb 28, 2026
Bold Page Builder (CVE-2026-25451) , Feb 28, 2026
Bold Page Builder (CVE-2025-13463) , Feb 28, 2026