Smart Slider 3 < 3.5.1.11 – Contributor+ Stored XSS | CVE 2022-45843

Affects Plugins

smart-slider-3

Fixed in 3.5.1.11

References

CVE

CVE-2022-45843

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

6.8 (medium)

Miscellaneous

Original Researcher

FearZzZz

Verified

No

WPVDB ID

11ccb8de-ca5c-46b8-9ddf-dba426c97738

Timeline

Publicly Published

2022-11-23 (about 3 years ago)

Added

2023-03-23 (about 3 years ago)

Last Updated

2023-03-23 (about 3 years ago)

Other

Published

Title

Published

2024-12-05

Title

TwentyTwenty <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2025-01-16

Title

Awesome WordPress Timeline Plugin <= 1.0.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Published

2023-11-16

Title

Easy PayPal Shopping Cart < 1.1.11 - Contributor+ Stored XSS

Published

2025-02-14

Title

Vertex Addons for Elementor < 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2025-03-13

Title

CM FAQ – Simplify support with an intuitive FAQ management tool < 1.2.6 - Reflected Cross-Site Scripting