CVE-2025-66092
WordPress Accordion Slider plugin <= 1.9.13 - Cross Site Scripting (XSS) vulnerability
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bqworks Accordion Slider accordion-slider allows Stored XSS.This issue affects Accordion Slider: from n/a through <= 1.9.13.
| CWE | CWE-79 |
| Vendor | bqworks |
| Product | accordion slider |
| Published | Nov 21, 2025 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for bqworks accordion slider
Be the first to know when new medium vulnerabilities affecting bqworks accordion slider are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
bqworks / Accordion Slider
0 โค 1.9.13
References
Credits
Muhammad Yudha - DJ | Patchstack Bug Bounty Program