CVE-2025-5752

Name of the Vulnerable Software and Affected Versions Vertical scroll image slideshow gallery plugin for WordPress versions prior to 11.2

Description The plugin is susceptible to Stored Cross-Site Scripting through the width parameter due to inadequate input sanitization and output escaping. This allows authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the injected page.

Recommendations Update to version 11.2 or later.