cleantalk
Vulnerabilities and Security Researches

Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows, CVE-2014-4846

CVE, Research URL

CVE-2014-4846

Home page URL

Security reports for Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows

Application

Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows

Published on
Jul 10, 2014
Research Description
Cross-site scripting (XSS) vulnerability in the Meta Slider (ml-slider) plugin 2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter to wp-admin/admin.php.
Affected versions
max 2.2.
Status
vulnerable
Previous vulnerability researches
Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows (CVE-2025-5337) , Jun 15, 2025
Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows (CVE-2025-1203) , May 08, 2025
Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows (CVE-2025-1062) , May 08, 2025
Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows (CVE-2025-24533) , Jan 28, 2025
Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows (CVE-2025-26763) , Feb 21, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025