CVE-2022-29428 MEDIUM

CVE-2022-29428: WordPress WP Slider Plugin <= 1.4.5 - Cross-Site Scripting (XSS) vulnerability

Vendor Muneeb
Product WP Slider Plugin
Weakness CWE-79 · XSS
Published May 20, 2022
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

4.1/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N

What the vulnerability does

01Description

Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress.

Key dates

02Disclosure timeline

May 20, 2022 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-23494 Cross-site scripting vulnerability in TinyMCE alerts CVE-2025-54889 A user with elevated privileges can inject XSS in the SNMP traps manufacturer configuration page CVE-2024-32584 WordPress TeraWallet plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability CVE-2025-20367 Reflected Cross-site Scripting (XSS) in '/app/search/table' endpoint through the 'dataset.command' parameter on Splunk Enterprise CVE-2022-2924 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm