WordPress Plugin Vulnerabilities

Captain Slider 1.0.6 - Cross-Site Scripting (XSS)

Description

The captain-slider WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
captain-slider
No known fix

References

CVE
CVE-2015-9419
URL
https://packetstormsecurity.com/files/#133362/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
dfde9b18-db3f-40a4-ac2e-9906a843eeb1

Timeline

Publicly Published
2015-08-29 (about 10 years ago)
Added
2015-08-30 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2024-03-18
Title
Tracking Code Manager < 2.1.0 -Admin+ Stored Cross-Site Scripting
Published
2025-12-30
Title
XStore Core < 5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2022-06-06
Title
NextCellent Gallery <= 1.9.35 - Admin+ Stored XSS
Published
2025-03-11
Title
BlogBuzzTime-for-wp <= 1.1 - Authenticated (Admin+) Stored Cross-Site Scripting
Published
2022-12-23
Title
WP Spell Check < 9.13 - Admin+ Stored Cross-Site Scripting