Slideshow <= 2.3.1 – Author+ Stored Cross-Site Scripting | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some of its Slideshow settings, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks

Proof of Concept

As author and above, create/edit a slideshow and put the following payload in the "Number of seconds the slide takes to slide in", "Seconds between changing slides" or "Seconds between changing slides" settings of the plugin: "><img src onerror=alert(/XSS/)>

The XSS will be triggered when editing the slideshow again (which could be done by an admin for example)

Affects Plugins

slideshow-jquery-image-gallery

No known fix

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

WPScanTeam

Verified

Yes

WPVDB ID

909b2674-3a97-498c-b6e4-14cf24a65401

Timeline

Publicly Published

2022-05-09 (about 3 years ago)

Added

2022-05-09 (about 3 years ago)

Last Updated

2022-05-09 (about 3 years ago)

Other

Published

Title

Published

2025-01-16

Title

The Great Firewords of China <= 1.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Published

2025-09-22

Title

List Child Pages Shortcode < 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2015-01-25

Title

WP SlimStat <= 3.9.2 - Stored Cross-Site Scripting (XSS)

Published

2022-08-22

Title

WBW Currency Switcher for WooCommerce < 1.6.6 - Admin+ Stored XSS

Published

2024-09-30

Title

AVIF & SVG Uploader < 1.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload