10web Slider
9 CVEs affecting 10web Slider. Latest disclosed: 2025-03-25. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-7150 | High | 8.8 | 2024-08-08 | The Slider by 10Web – Responsive Image Slider plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and… |
CVE-2021-24132 | High | 8.8 | 2021-03-18 | The Slider by 10Web WordPress plugin, versions before 1.2.36, in the bulk_action, export_full and save_slider_db functionalities of the plugin were vulnerable… |
CVE-2024-32578 | High | 7.1 | 2024-04-18 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue aff… |
CVE-2024-10566 | Medium | 6.1 | 2025-03-25 | The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to… |
CVE-2024-10565 | Medium | 6.1 | 2025-03-25 | The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to… |
CVE-2024-6408 | Medium | 5.4 | 2024-07-31 | The Slider by 10Web WordPress plugin before 1.2.57 does not sanitise and escape its Slider Title, which could allow high privilege users such as editors and a… |
CVE-2024-6026 | Medium | 5.4 | 2024-07-11 | The Slider by 10Web WordPress plugin before 1.2.56 does not sanitise and escape some of its Slide options, which could allow authenticated users with access t… |
CVE-2024-8283 | Medium | 4.8 | 2024-09-30 | The Slider by 10Web WordPress plugin before 1.2.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to… |
CVE-2022-4197 | Medium | 4.8 | 2022-12-26 | The Sliderby10Web WordPress plugin before 1.2.53 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to per… |