| CVE-2026-6443 | Essentialplugin Plugins (Various Versions) - Injected Backdoor | essentialplugin | Accordion and Accordion Slider | Critical | 9.8 | 2026-04-17 06:44:49 | Deep Dive |
| CVE-2026-4300 | Robo Gallery <= 5.1.3 - Authenticated (Author+) Stored Cross-Site Scripting via 'Loading Label' Setting | robosoft | Robo Gallery – Photo & Image Slider | Medium | 6.4 | 2026-04-08 09:25:50 | Deep Dive |
| CVE-2026-32494 | WordPress Image Slider by Ays plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability | Ays Pro | Image Slider by Ays | 中危 | - | 2026-03-25 16:14:59 | Deep Dive |
| CVE-2026-32402 | WordPress Image Slider by Ays plugin <= 2.7.1 - Broken Access Control vulnerability | Ays Pro | Image Slider by Ays | 中危 | - | 2026-03-13 11:42:13 | Deep Dive |
| CVE-2026-22346 | WordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.5.4 - PHP Object Injection vulnerability | A WP Life | Slider Responsive Slideshow – Image slider, Gallery slideshow | - | - | 2026-02-20 15:47:00 | Deep Dive |
| CVE-2026-22489 | WordPress Image Slider Slideshow plugin <= 1.8 - Insecure Direct Object References (IDOR) vulnerability | Wptexture | Image Slider Slideshow | Medium | 4.3 | 2026-01-08 16:33:34 | Deep Dive |
| CVE-2024-30547 | WordPress Header Image Slider plugin <= 0.3 - Cross Site Scripting (XSS) vulnerability | Shazdeh | Header Image Slider | High | 7.1 | 2026-01-06 16:51:31 | Deep Dive |
| CVE-2025-14454 | Image Slider by Ays- Responsive Slider and Carousel <= 2.7.0 - Cross-Site Request Forgery to Arbitrary Slider Deletion | ays-pro | Image Slider by Ays- Responsive Slider and Carousel | Medium | 4.3 | 2025-12-13 03:20:27 | Deep Dive |
| CVE-2025-11373 | Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload | averta | Depicter — Popup & Slider Builder | Medium | 4.3 | 2025-11-05 06:35:01 | Deep Dive |
| CVE-2024-5647 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library | blossomthemes | BlossomThemes Social Feed | Medium | 6.4 | 2025-07-03 09:22:19 | Deep Dive |
| CVE-2025-53308 | WordPress Image Slider With Description plugin <= 9.2 - Cross Site Request Forgery (CSRF) Vulnerability | gopi_plus | Image Slider With Description | High | 7.1 | 2025-06-27 13:21:32 | Deep Dive |
| CVE-2025-5337 | Slider, Gallery, and Carousel by MetaSlider <= 3.98.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via aria-label Parameter | metaslider | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | Medium | 6.4 | 2025-06-14 09:23:33 | Deep Dive |
| CVE-2024-13384 | Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.24 - Admin+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | - | - | 2025-05-15 20:07:01 | Deep Dive |
| CVE-2024-10144 | Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.22 - Contributor+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | - | - | 2025-05-15 20:06:42 | Deep Dive |
| CVE-2025-2011 | Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection via 's' Parameter | averta | Depicter — Popup & Slider Builder | High | 7.5 | 2025-05-06 09:21:49 | Deep Dive |
| CVE-2025-4188 | Advanced Reorder Image Text Slider <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting | balasahebbhise | Advanced Reorder Image Text Slider | Medium | 6.1 | 2025-05-03 01:43:06 | Deep Dive |
| CVE-2019-25223 | Team Circle Image Slider With Lightbox <= 1.0.4 - Authenticated (Admin+) SQL Injection | nik00726 | Team Circle Image Slider With Lightbox | Medium | 4.9 | 2025-04-08 07:01:03 | Deep Dive |
| CVE-2024-10102 | Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.22 - Contributor+ Stored XSS | Unknown | Photo Gallery, Images, Slider in Rbs Image Gallery | 中危 | - | 2025-01-07 06:00:02 | Deep Dive |
| CVE-2024-4633 | Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.2.1- Authenticated (Author+) Stored Cross-Site Scripting | averta | Depicter — Popup & Slider Builder | Medium | 6.4 | 2024-12-06 13:45:20 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |