| CVE-2025-7501 | Wonder Slider Lite & Wonder Slider <= 14.4 - Authenticated (Contributor+) Dom-based Stored Cross-Site Scripting | wonderplugin | Wonder Slider | Medium | 6.4 | 2025-07-26 06:43:21 | Deep Dive |
| CVE-2015-10144 | Responsive Thumbnail Slider < 1.0.1 - Authenticated (Subscriber+) Arbitrary File Upload | nik00726 | Thumbnail carousel slider | High | 8.8 | 2025-07-25 02:23:58 | Deep Dive |
| CVE-2025-7687 | Latest Post Accordian Slider <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | anop-goswami | Latest Post Accordian Slider | Medium | 6.1 | 2025-07-22 09:22:42 | Deep Dive |
| CVE-2025-6726 | Block Editor Gallery Slider <= 1.1.1 - Missing Authorization to Authenticated (Subscriber+) Limited Post Meta Update | krasenslavov | Block Editor Gallery Slider for WordPress – Image Slider, Gallery Carousel & Lightbox Plugin | Medium | 4.3 | 2025-07-18 05:23:59 | Deep Dive |
| CVE-2025-30943 | WordPress Posts Slider Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability | Aakif Kadiwala | Posts Slider Shortcode | Medium | 6.5 | 2025-07-04 08:42:21 | Deep Dive |
| CVE-2024-5647 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library | blossomthemes | BlossomThemes Social Feed | Medium | 6.4 | 2025-07-03 09:22:19 | Deep Dive |
| CVE-2025-53308 | WordPress Image Slider With Description plugin <= 9.2 - Cross Site Request Forgery (CSRF) Vulnerability | gopi_plus | Image Slider With Description | High | 7.1 | 2025-06-27 13:21:32 | Deep Dive |
| CVE-2025-53281 | WordPress WPB Category Slider for WooCommerce plugin <= 1.71 - Local File Inclusion Vulnerability | WPBean | WPB Category Slider for WooCommerce | High | 7.5 | 2025-06-27 13:21:21 | Deep Dive |
| CVE-2025-53199 | WordPress HT Slider For Elementor plugin <= 1.6.5 - Cross Site Scripting (XSS) Vulnerability | HT Plugins | HT Slider For Elementor | Medium | 6.5 | 2025-06-27 13:20:59 | Deep Dive |
| CVE-2025-3863 | Post Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function | plugindevs | Post Carousel Slider for Elementor | Medium | 4.3 | 2025-06-26 02:06:32 | Deep Dive |
| CVE-2025-5291 | Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes | averta | Master Slider – Responsive Touch Slider | Medium | 6.4 | 2025-06-17 11:23:37 | Deep Dive |
| CVE-2025-5337 | Slider, Gallery, and Carousel by MetaSlider <= 3.98.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via aria-label Parameter | metaslider | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | Medium | 6.4 | 2025-06-14 09:23:33 | Deep Dive |
| CVE-2025-31050 | WordPress Apptha Slider Gallery plugin <= 2.5 - Arbitrary File Read vulnerability | appthaplugins | Apptha Slider Gallery | High | 7.5 | 2025-06-09 15:56:46 | Deep Dive |
| CVE-2025-28966 | WordPress Recent Posts Slider Responsive plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) vulnerability | dilemma123 | Recent Posts Slider Responsive | High | 7.1 | 2025-06-06 12:54:33 | Deep Dive |
| CVE-2025-30634 | WordPress WP Featured Content Slider plugin <= 2.6 - Cross Site Scripting (XSS) Vulnerability | IWEBIX | WP Featured Content Slider | Medium | 5.9 | 2025-06-06 12:54:22 | Deep Dive |
| CVE-2025-4567 | Post Slider and Carousel with Widget < 3.2.10 - Admin+ Stored XSS | Unknown | Post Slider and Post Carousel with Post Vertical Scrolling Widget | - | - | 2025-06-03 06:00:18 | Deep Dive |
| CVE-2025-4597 | Woo Slider Pro - Drag Drop Slider Builder For WooCommerce <= 1.12 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion | bc2018 | Woo Slider Pro – Drag Drop Slider Builder For WooCommerce | Medium | 6.5 | 2025-05-30 11:15:09 | Deep Dive |
| CVE-2025-48334 | WordPress Woo Slider Pro <= 1.12 - Arbitrary Content Deletion Vulnerability | BinaryCarpenter | Woo Slider Pro | Medium | 6.5 | 2025-05-30 08:42:56 | Deep Dive |
| CVE-2025-39412 | WordPress Master Slider plugin <= 3.11.0 - Broken Access Control vulnerability | averta | Master Slider | Medium | 4.3 | 2025-05-19 17:25:26 | Deep Dive |
| CVE-2025-39364 | WordPress Product Category Slider for WooCommerce plugin <= 4.3.4 - Local File Inclusion vulnerability | PluginEver | Product Category Slider for WooCommerce | High | 7.5 | 2025-05-19 16:28:31 | Deep Dive |