CVE-2025-5337 | MetaSlider Slider, Gallery, and Carousel Plugin up to 3.98.0 on WordPress aria-label cross site scripting

Inserito da Angelo Barbosa | Giu 14, 2025 | CVE

A vulnerability, which was classified as problematic, was found in MetaSlider Slider, Gallery, and Carousel Plugin up to 3.98.0 on WordPress. This affects an unknown part. The manipulation of the argument aria-label leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-5337. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-5337 | MetaSlider Slider, Gallery, and Carousel Plugin up to 3.98.0 on WordPress aria-label cross site scripting

Post correlati

CVE-2024-57945 | Linux Kernel up to 6.6.71/6.12.9 Virtual Address init_unavailable_range initialization

CVE-2024-4263 | mlflow up to 2.10.0 access control

CVE-2024-25710 | Apache Commons Compress up to 1.25.0 infinite loop

CVE-2024-8832 | PDF-XChange Editor EMF File Parser out-of-bounds (ZDI-24-1255)