VYPR

Soliloquy Lite

by WordPress

Source repositories

CVEs (4)

  • CVE-2021-47922MedMay 10, 2026
    risk 0.42cvss 6.4epss 0.00

    Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScript payloads in the title field when creating or editing sliders, which executes…

  • CVE-2024-35775MedAug 12, 2024
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Authentication vulnerability in Soliloquy Team Slider by Soliloquy allows Cross-Site Scripting (XSS).This issue affects Slider by Soliloquy: from n/a through 2.7.6.

  • CVE-2019-25743MedJun 4, 2026
    risk 0.35cvss 5.4epss 0.00

    WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title field. Attackers can submit POST requests to the post editing endpoint with script…

  • CVE-2026-7636MedMay 22, 2026
    risk 0.21cvss 4.3epss 0.00

    The Slider by Soliloquy – Responsive Image Slider for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 via the map_meta_cap. This makes it possible for authenticated attackers, with subscriber-level…