cleantalk
Vulnerabilities and Security Researches

Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows, 151ec256-7c21-40db-84cb-d8b68f5c4973

CVE, Research URL

151ec256-7c21-40db-84cb-d8b68f5c4973

Home page URL

Security reports for Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows

Application

Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows

Published on
-
Research Description
Slider, Gallery, and Carousel by MetaSlider &#8211; Image Slider, Video Slider [ml-slider] < 3.17.2 MetaSlider &lt; 3.17.2 - Authenticated Stored Cross-Site Scripting (XSS) Vishnupriya Ilango, from Fortinet&#039;s FortiGuard Lab, discovered a stored Cross-Site Scripting (XSS) vulnerability in Metaslider plugin (v3.17.1), which exists in Image caption or description parameter in the slide creation module.
Affected versions
max 3.17.2.
Status
vulnerable
Previous vulnerability researches
Slider, Gallery, and Carousel by MetaSlider &#8211; Responsive WordPress Slideshows (CVE-2025-5337) , Jun 15, 2025
Slider, Gallery, and Carousel by MetaSlider &#8211; Responsive WordPress Slideshows (9507b16394ebe9e6ca301dfc53534fa4863471a4) , Jun 16, 2026
Slider, Gallery, and Carousel by MetaSlider &#8211; Responsive WordPress Slideshows (09890bbf-f385-4614-a91b-e52a71f55f4f) , Jun 16, 2026
Slider, Gallery, and Carousel by MetaSlider &#8211; Responsive WordPress Slideshows (151ec256-7c21-40db-84cb-d8b68f5c4973) , Jun 16, 2026
Slider, Gallery, and Carousel by MetaSlider &#8211; Responsive WordPress Slideshows (db37be5c6273b7fbca2994a50a5bae946ab9debc) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026