🔐 CVE Alert

CVE-2025-23448

UNKNOWN 0.0

WordPress visualslider Sldier plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dastan800 visualslider Sldier visual-slider allows Reflected XSS.This issue affects visualslider Sldier: from n/a through <= 1.1.1.

CWE CWE-79
Vendor dastan800
Product visualslider sldier
Published Apr 17, 2025
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for dastan800 visualslider sldier

Be the first to know when new unknown vulnerabilities affecting dastan800 visualslider sldier are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

dastan800 / visualslider Sldier
0 ≤ 1.1.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/visual-slider/vulnerability/wordpress-visualslider-sldier-plugin-1-1-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Credits

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program