cleantalk
Vulnerabilities and Security Researches

Slider by Soliloquy – Responsive Image Slider for WordPress, CVE-2026-7636

CVE, Research URL

CVE-2026-7636

Home page URL

Security reports for Slider by Soliloquy – Responsive Image Slider for WordPress

Application

Slider by Soliloquy – Responsive Image Slider for WordPress

Published on
May 22, 2026
Research Description
The Slider by Soliloquy – Responsive Image Slider for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 via the map_meta_cap. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract draft slider metadata including unpublished media URLs, captions, and slider configuration authored by administrators or editors.
Affected versions
max 2.8.2.
Status
vulnerable
Previous vulnerability researches
Ultimate Classified Listings (CVE-2024-52487) , Nov 23, 2024
Ultimate Classified Listings (CVE-2024-52448) , Nov 22, 2024
Ultimate Classified Listings (CVE-2024-13753) , Feb 22, 2025
Ultimate Classified Listings (CVE-2024-13748) , Feb 22, 2025
Ultimate Classified Listings (CVE-2024-5882) , Jul 17, 2024
New vulnerability
Salon booking system (CVE-2026-42666) , May 23, 2026
Error Log Monitor, Activity Logs, User Activity Tracking from Logtivity (CVE-2026-42673) , May 23, 2026
Word 2 Cash (CVE-2026-6395) , May 23, 2026
Faces of Users (CVE-2026-8038) , May 23, 2026
LJ comments import: reloaded (CVE-2026-8624) , May 23, 2026