CVE-2023-28499

CVE-2023-28499: WordPress Slide Anything Plugin <= 2.4.9 is vulnerable to Cross Site Scripting (XSS)

Vendor Simonpedge
Product Slide Anything – Responsive Content / HTML Slider and Carousel
Weakness CWE-79 · XSS
Published November 7, 2023
Last update April 29, 2026

CVSS base score

What the vulnerability does

01Description

Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in simonpedge Slide Anything – Responsive Content / HTML Slider and Carousel plugin <= 2.4.9 versions.

Key dates

02Disclosure timeline

November 7, 2023 CVE published
April 29, 2026 Record updated

Related vulnerabilities

04Related CVE