WordPress Slides and Presentations Plugin Code Injection Vulnerability

Vulnerability

A cross-site scripting (XSS) vulnerability allowing code injection has been identified in the WordPress Slides & Presentations plugin, versions through 0.0.39. This vulnerability arises from improper neutralization of script-related HTML tags, which could enable a malicious actor to inject content into pages and posts, potentially including phishing materials.

Impact

Exploitation of this vulnerability could lead to unauthorized content injection, allowing for the insertion of malicious or deceptive content, such as phishing pages, into the affected WordPress site.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

5.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

5.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WordPress Slides and Presentations Plugin Code Injection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating