cleantalk
Vulnerabilities and Security Researches

Image Slider by Ays- Responsive Slider and Carousel, bd2e0643-c83b-4ca6-9332-66e4c49252ba

CVE, Research URL

bd2e0643-c83b-4ca6-9332-66e4c49252ba

Home page URL

Security reports for Image Slider by Ays- Responsive Slider and Carousel

Application

Image Slider by Ays- Responsive Slider and Carousel

Published on
-
Research Description
Image Slider by Ays- Responsive Slider and Carousel [ays-slider] < 2.5.0 Multiple Plugins from AYS Pro - Reflected Cross-Site Scripting (XSS) The plugins did not properly sanitise and escape some GET parameters before outputting them back in attributes, leading to reflected Cross-Site Scripting issues which will be executed in the context of a logged in administrator
Affected versions
max 2.5.0.
Status
vulnerable
Previous vulnerability researches
Elizaibots (CVE-2025-49893) , Aug 20, 2025
Elizaibots (abcf8d2a13b3fd2324a04f9724e5ac9347743677) , Jun 16, 2026
New vulnerability
Ultimate Maps by Supsystic (3958f2eb5c5ad29221566e4e9b152ab95b01c255) , Jun 16, 2026
Ultimate Maps by Supsystic (0b83038e-92d2-4bdd-a597-a5d8eff50edb) , Jun 16, 2026
Ultimate Maps by Supsystic (83d02d55e621b64b2ba6bfa94a1543a55d5b7a0f) , Jun 16, 2026
WP Easy Gallery &#8211; WordPress Gallery Plugin (7907a46e-61ef-4bd8-9598-c0f8f78c0aab) , Jun 16, 2026
WP Easy Gallery &#8211; WordPress Gallery Plugin (dea14b66-400f-429a-a06e-42c1183f978e) , Jun 16, 2026