| CVE-2025-10249 | Slider Revolution <= 6.7.37 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Read | Revolution Slider | Slider Revolution | Medium | 6.5 | 2025-10-09 11:20:56 | Deep Dive |
| CVE-2025-9217 | Slider Revolution <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images' | Revolution Slider | Slider Revolution | Medium | 6.5 | 2025-08-29 10:54:03 | Deep Dive |
| CVE-2024-12043 | Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.16.5 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2025-01-23 11:13:27 | Deep Dive |
| CVE-2024-8442 | Prime Slider - Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider <= 3.15.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via Blog Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-11-07 12:30:53 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8107 | Slider Revolution <= 6.7.18 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | Revolution Slider | Slider Revolution | Medium | 6.4 | 2024-10-01 06:39:52 | Deep Dive |
| CVE-2024-37449 | WordPress Slider Revolution plugin <= 6.7.13 - Cross Site Scripting (XSS) vulnerability | ThemePunch OHG | Slider Revolution | Medium | 5.9 | 2024-07-21 22:14:08 | Deep Dive |
| CVE-2024-34444 | WordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerability | ThemePunch OHG | Slider Revolution | High | 7.1 | 2024-06-19 14:57:09 | Deep Dive |
| CVE-2024-34443 | WordPress Slider Revolution plugin < 6.7.11 - Cross Site Scripting (XSS) vulnerability | ThemePunch OHG | Slider Revolution | Medium | 5.9 | 2024-06-19 14:53:55 | Deep Dive |
| CVE-2024-5640 | Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.14.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pacific Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-06-07 04:33:25 | Deep Dive |
| CVE-2024-4637 | Slider Revolution <= 6.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Elementor wrapperid and zindex | Revolution Slider | Slider Revolution | Medium | 6.4 | 2024-06-04 09:31:47 | Deep Dive |
| CVE-2024-4581 | Slider Revolution <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes | Revolution Slider | Slider Revolution | Medium | 6.4 | 2024-06-04 08:31:21 | Deep Dive |
| CVE-2024-3997 | Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pagepiling Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-05-23 11:02:38 | Deep Dive |
| CVE-2024-4339 | Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-05-09 20:03:31 | Deep Dive |
| CVE-2024-4092 | Slider Revolution <= 6.7.7 - Authenticated (Author+) Stored Cross-Site Scripting via htmltag Parameter | Revolution Slider | Slider Revolution | Medium | 6.4 | 2024-05-02 16:52:20 | Deep Dive |
| CVE-2024-1730 | Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider) <= 3.14.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | bdthemes | Prime Slider – Addons for Elementor | Medium | 5.4 | 2024-04-20 03:21:18 | Deep Dive |
| CVE-2024-2306 | Revslider <= 6.6.20 - Authenticated (Author+) Stored Cross-Site Scripting | Revolution Slider | Slider Revolution | Medium | 6.4 | 2024-04-09 18:59:35 | Deep Dive |
| CVE-2024-1508 | Prime Slider – Addons For Elementor <= 3.13.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Mercury Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-03-13 13:52:12 | Deep Dive |
| CVE-2024-1507 | Prime Slider – Addons For Elementor <= 3.13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rubix Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-03-13 13:52:12 | Deep Dive |
| CVE-2024-1506 | Prime Slider – Addons For Elementor <= 3.13.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fiestar Widget | bdthemes | Prime Slider – Addons for Elementor | Medium | 6.4 | 2024-03-07 06:59:45 | Deep Dive |