WordPress Plugin Vulnerabilities

Tribulant Slideshow Gallery <= 1.6.4 - Authenticated Cross-Site Scripting (XSS)

Description

The Slideshow Gallery WordPress plugin was affected by an Authenticated Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
slideshow-gallery
Fixed in 1.6.5

References

URL
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_tribulant_slideshow_galleries_wordpress_plugin.html
URL
https://plugins.trac.wordpress.org/changeset/1609730/slideshow-gallery

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
bdf963a1-c0f9-4af7-a67c-0c6d9d0b4ab1

Timeline

Publicly Published
2017-03-01 (about 9 years ago)
Added
2017-03-20 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2024-07-10
Title
codoc < 0.9.52 - Reflected Cross-Site Scripting
Published
2025-03-28
Title
Leaky Paywall < 4.21.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2016-07-13
Title
Master Slider < 2.8.0 - Reflected Cross-Site Scripting (XSS)
Published
2021-08-10
Title
Quiz And Survey Master < 7.1.14 - Reflected Cross-Site Scripting
Published
2015-03-09
Title
Custom Community < 2.0.25 - Stored Cross-Site Scripting (XSS)