VYPR

Product Slider For Woocommerce

by Pickplugins

CVEs (6)

  • CVE-2026-1988HigFeb 14, 2026
    risk 0.49cvss 7.5epss 0.01

    The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the `flexipsg_carousel` shortcode. This is due to the `theme` parameter being directly concatenated into a file path…

  • CVE-2025-39364HigMay 19, 2025
    risk 0.49cvss 7.5epss 0.01

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PluginEver Product Category Slider for WooCommerce woo-category-slider-by-pluginever allows PHP Local File Inclusion.This issue affects Product Category…

  • CVE-2024-45459HigSep 15, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Reflected XSS.This issue affects Product Slider for WooCommerce: from n/a through <= 1.13.50.

  • CVE-2026-25455MedMar 25, 2026
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in PickPlugins Product Slider for WooCommerce woocommerce-products-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Slider for WooCommerce: from n/a through <= 1.13.61.

  • CVE-2021-24300May 24, 2021
    risk 0.03cvss epss 0.11

    The slider import search feature of the PickPlugins Product Slider for WooCommerce WordPress plugin before 1.13.22 did not properly sanitised the keyword GET parameter, leading to reflected Cross-Site Scripting issue

  • CVE-2023-0492Feb 21, 2023
    risk 0.00cvss epss 0.00

    The GS Products Slider for WooCommerce WordPress plugin before 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform…