Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Slider Revolution — Vulnerabilities & Security Advisories 14

All 14 CVE vulnerabilities found in Slider Revolution, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2025-10249 Slider Revolution <= 6.7.37 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Read CWE-23 6.5 Medium2025-10-09
CVE-2025-9217 Slider Revolution <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images' CWE-22 6.5 Medium2025-08-29
CVE-2024-8107 Slider Revolution <= 6.7.18 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload CWE-79 6.4 Medium2024-10-01
CVE-2024-37449 WordPress Slider Revolution plugin <= 6.7.13 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-07-21
CVE-2024-34444 WordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerability CWE-862 7.1 High2024-06-19
CVE-2024-34443 WordPress Slider Revolution plugin < 6.7.11 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-06-19
CVE-2024-4637 Slider Revolution <= 6.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Elementor wrapperid and zindex CWE-79 6.4 Medium2024-06-04
CVE-2024-4581 Slider Revolution <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes CWE-79 6.4 Medium2024-06-04
CVE-2024-4092 Slider Revolution <= 6.7.7 - Authenticated (Author+) Stored Cross-Site Scripting via htmltag Parameter CWE-79 6.4 Medium2024-05-02
CVE-2024-2306 Revslider <= 6.6.20 - Authenticated (Author+) Stored Cross-Site Scripting CWE-79 6.4 Medium2024-04-09
CVE-2023-6528 Slider Revolution < 6.6.19 - Author+ Insecure Deserialization leading to RCE 8.8AIHighAI2024-01-08
CVE-2023-47784 WordPress Slider Revolution Plugin <= 6.6.15 is vulnerable to Arbitrary File Upload CWE-434 8.4 High2023-12-20
CVE-2023-47772 WordPress Slider Revolution Plugin <= 6.6.14 is vulnerable to Cross Site Scripting (XSS) CWE-79 6.5 Medium2023-11-20
CVE-2023-2359 Revolution Slider <= 6.6.12 - Author+ Remote Code Execution 9.8 -2023-06-19

All 14 known CVE vulnerabilities affecting Slider Revolution with full Chinese analysis, references, and POCs where available.