Slideshow Gallery LITE WordPress Plugin Security Vulnerabilities | WPScan

11

October 29, 2025

6000

Published

2024-09-30

Title

Slideshow Gallery < 1.8.4 - Authenticated (Administrator+) Stored Cross-Site Scripting

Fixed in

Fixed in 1.8.4

CVSS

4.4 (medium)

Published

2024-06-11

Title

Slideshow Gallery LITE < 1.8.2 - Authenticated (Contributor+) SQL Injection

Fixed in

Fixed in 1.8.2

CVSS

8.1 (high)

Published

2024-04-07

Title

Slideshow Gallery < 1.7.9 - Settings Reset via CSRF

Fixed in

Fixed in 1.7.9

CVSS

4.3 (medium)

Published

2024-04-07

Title

Slideshow Gallery < 1.8.1 - Unauthenticated Sensitive Information Exposure

Fixed in

Fixed in 1.8.1

CVSS

5.3 (medium)

Published

2024-04-07

Title

Slideshow Gallery < 1.7.9 - Contributor+ SQLi

Fixed in

Fixed in 1.7.9

CVSS

6.8 (medium)

Published

2021-10-25

Title

Slideshow Gallery < 1.7.4 - Admin+ Stored Cross-Site Scripting

Fixed in

Fixed in 1.7.4

CVSS

3.5 (low)

Published

2018-11-15

Title

Slideshow Gallery <= 1.6.8 - XSS and SQLi

Fixed in

Fixed in 1.6.9

CVSS

9.8 (critical)

Published

2017-04-10

Title

Slideshow Gallery <= 1.6.5 - Multiple Authenticated Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.6.6

CVSS

6.1 (medium)

Published

2017-03-01

Title

Tribulant Slideshow Gallery <= 1.6.4 - Authenticated Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.6.5

CVSS

n/a

Published

2015-08-20

Title

Tribulant Slideshow Gallery < 1.5.3.4 - Arbitrary file upload & Cross-Site Scripting (XSS)

Fixed in

Fixed in 1.5.3.4

CVSS

n/a

Published

2014-09-17

Title

Slideshow Gallery < 1.4.7 - Arbitrary File Upload

Fixed in

Fixed in 1.4.7

CVSS

n/a