VYPR

Wp Skitter Slideshow

by WordPress

Source repositories

CVEs (2)

  • CVE-2022-1751HigAug 17, 2024
    risk 0.47cvss 7.2epss 0.00

    The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web…

  • CVE-2025-28906MedMar 11, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thiago S.F. Skitter Slideshow wp-skitter-slideshow allows Stored XSS.This issue affects Skitter Slideshow: from n/a through <= 2.5.2.