VYPR

Wp Simple Slideshow

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-26576HigMar 26, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in takumin WP Simple Slideshow wp-simple-slideshow allows Reflected XSS.This issue affects WP Simple Slideshow: from n/a through <= 1.0.

  • CVE-2026-1885MedFeb 11, 2026
    risk 0.42cvss 6.4epss 0.00

    The Slideshow Wp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sswpid' attribute of the 'sswp-slide' shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping on user supplied attributes.…