cleantalk
Vulnerabilities and Security Researches

Slider by Soliloquy – Responsive Image Slider for WordPress, CVE-2019-25743

CVE, Research URL

CVE-2019-25743

Home page URL

Security reports for Slider by Soliloquy – Responsive Image Slider for WordPress

Application

Slider by Soliloquy – Responsive Image Slider for WordPress

Published on
Jun 04, 2026
Research Description
WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script payloads in the post_title parameter, which are stored and executed when users preview the post.
Affected versions
max 2.5.6.
Status
vulnerable
Previous vulnerability researches
WP Google Review Slider (CVE-2023-0259) , Jun 06, 2024
WP Google Review Slider (e42cedcff159170074fe08dcc12e3cd44aae4dcf) , Jun 06, 2024
WP Google Review Slider (CVE-2022-4242) , Jun 06, 2024
WP Google Review Slider (CVE-2024-2310) , Jun 06, 2024
WP Google Review Slider (CVE-2019-25745) , Jun 06, 2026
New vulnerability
Slider by Soliloquy – Responsive Image Slider for WordPress (CVE-2019-25743) , Jun 06, 2026
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-49771) , Jun 06, 2026
Popup Builder – Create highly converting, mobile friendly marketing popups. (CVE-2019-25744) , Jun 06, 2026
WP Google Review Slider (CVE-2019-25745) , Jun 06, 2026
LMS by Masteriyo – WordPress Learning Management System, eLearning Platform, Online Education System & Online Course (CVE-2026-42743) , Jun 05, 2026