CVE-2021-47922

Published
View on NVD ↗
CVSS v3
6.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScript payloads in the title field when creating or editing sliders, which executes in the browsers of users viewing the slider on both administrative and frontend pages.

Slider by Soliloquy – Responsive Image Slider for WordPress
Slider by Soliloquy – Responsive Image Slider for WordPress
<h4>Responsive WordPress Slider Plugin</h4> <p>We believe that you shouldn&#8217;t have to hire a developer to create a WordPress slider. That&#8217;s why we built <a href="https://soliloquywp.com/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" title="Soliloquy" rel="friend nofollow ugc">Soliloquy</a>, a drag &amp; drop <strong>slider plugin</strong> that&#8217;s both EASY and POWERFUL.</p> <p><strong>Soliloquy</strong> allows you to create beautiful responsive image and video sliders for your WordPress site in minutes, not hours! Add carousel sliders and much more in no time.</p> <p>User experience is our #1 priority. That&#8217;s why we put in extra effort to ensure that Soliloquy is the best responsive <strong>image slider</strong> for WordPress. This means that your slideshows will always look great on all devices (mobile (iOS or Android), tablet, laptop, and desktop).</p> <p>Soliloquy is highly optimized for web and server performance because we understand the importance of speed when it comes to SEO and conversion. According to multiple independent speed tests, this is the <strong>fastest plugin</strong> in the market of its kind.</p> <blockquote> <p><strong>Soliloquy Pro</strong><br /> This plugin is the lite version of the popular Soliloquy Pro plugin. The Pro plugin comes with all the features you will ever need including templates and sliders for: PDFs, WooCommerce, featured content, carousel, Lightbox, thumbnail navigation, Instagram, image protection, and tons more. <a href="https://soliloquywp.com/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" title="Envira Gallery" rel="friend nofollow ugc">Click here to purchase Soliloquy now!</a></p> </blockquote> <p><strong>Soliloquy</strong> has been downloaded over 1,500,000 times. Here&#8217;s why smart photographers, designers, and developers love Soliloquy, and you will too!</p> <p><span class="embed-youtube" style="text-align:center; display: block;"><iframe loading="lazy" class="youtube-player" width="750" height="422" src="https://www.youtube.com/embed/DAR_dL3biWw?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent" allowfullscreen="true" style="border:0;" sandbox="allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox"></iframe></span></p> <h4>Drag &amp; Drop Responsive Builder</h4> <p>We were tired of bloated and buggy plugins. That&#8217;s why we built Soliloquy to adapt to your workflow. By using our easy to use <a href="https://soliloquywp.com/features/drag-drop-builder/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">drag and drop builder</a>, you can upload your images, rearrange them.</p> <p>You can also add slider blocks built for the new WordPress 5.0 Gutenberg block editor.</p> <p>But don&#8217;t just take our word. See what one of the WordPress experts are saying:</p> <blockquote> <p>I used to custom build rotators for every project since I hadn&#8217;t found a tool with the flexibility I needed. Now I have Soliloquy. It <strong>works great out of the box</strong>, has an easy-to-use interface, and gives you the power to customize everything with hooks and filters.<br /> Bill Erickson &#8211; WordPress Consultant</p> </blockquote> <h4>Responsive, SEO Friendly and Optimized for Speed</h4> <p>Soliloquy is 100% responsive and mobile-friendly by default. We also optimized every query on the front-end and the back-end to ensure maximum speed.</p> <p>We made Soliloquy the most SEO friendly plugin with proper HTML markup, fast speed, and Google friendly display.</p> <h4>Themes</h4> <p>You can use the many pre-made templates.</p> <p>On top of our themes, you can use custom CSS to customize anything.</p> <p>See the demo of our <a href="https://soliloquywp.com/demo/slider-themes-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">WordPress slider themes</a>.</p> <h4>WooCommerce Products</h4> <p>Easily create product slideshows with just a few clicks.</p> <p>You can filter by category, price, availability, featured, or another criteria.<br /> You can also include or exclude specific products.</p> <p>Watch the <a href="https://soliloquywp.com/addons/woocommerce-addon/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">WooCommerce product slides video</a>.</p> <h4>Featured Content</h4> <p>Slideshows for blog posts, products, testimonials, photo galleries, and more. Almost anything based on your website&#8217;s content.</p> <p>Watch the <a href="https://soliloquywp.com/addons/featured-content/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">WooCommerce featured content video</a>.</p> <h4>Lightbox</h4> <p>For your images, photos, and galleries. Opens your images in a full screen mode that&#8217;s easy to browse on all devices.</p> <p>Yes, it&#8217;s 100% mobile friendly.</p> <p>See the <a href="https://soliloquywp.com/demo/lightbox-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Lightbox demo</a>.</p> <h4>Carousel</h4> <p>You can create slideshows for carousel images, videos, or even complete gallery carousel.</p> <p>See the <a href="https://soliloquywp.com/demo/carousel-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Carousel demo</a>.</p> <h4>Dynamic Slides</h4> <p>Automatically create slideshows from blog posts, testimonials, Instagram images, and galleries.</p> <h4>Slides with Thumbnails</h4> <p>Add thumbnail images as your navigation.</p> <p>You can configure the size, position, and more.</p> <p>See the <a href="https://soliloquywp.com/demo/slider-with-thumbnails-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Thumbnail slides demo</a>.</p> <h4>Instagram Slides</h4> <p>A slideshow based on your Instagram photos, photos that you like, or even photos with specific tags.</p> <p>You can have as many photos that you like. You can even display photo captions.</p> <p>See the <a href="https://soliloquywp.com/demo/instagram-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Instagram slides demo</a>.</p> <h4>PDF Slides</h4> <p>Great for showing your presentation slides on your website.</p> <p>See the <a href="https://soliloquywp.com/demo/pdf-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">PDF slides demo</a>.</p> <h4>Video Slides</h4> <p>Show videos from multiple sources: YouTube, Vimeo, Wistia, and even self-hosted videos.</p> <p>See the <a href="https://soliloquywp.com/demo/video-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Video slides demo</a>.</p> <h4>Custom HTML Slides</h4> <p>Slideshows for Quotes, mixed-content, and others using HTML.</p> <p>See the <a href="https://soliloquywp.com/demo/html-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">HTML slides demo</a>.</p> <h4>Transition Effects</h4> <p>Soliloquy comes with numerous transitions that you can choose from. You can have a fade image transition, horizontal scroll image transition, vertical scroll image transition, ticker scroll image transition, and more.</p> <p>You can also auto play, control your transition speed, and more.</p> <h4>Schedule Addon</h4> <p>The schedule feature is great for holiday sales and special events.</p> <h4>Pinterest Media button</h4> <p>Allows users to easily share your images on Pinterest.</p> <p>See the <a href="https://soliloquywp.com/addons/pinterest/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Pinterest demo</a>.</p> <h4>Easy to Customize and Extend</h4> <p>You can easily customize Soliloquy with our built-in templates or create your own.</p> <p>But we also knew that our developer friends may want to extend it further. That&#8217;s why Soliloquy comes with tons of hooks and filters (and yes it&#8217;s all very-well documented).</p> <p>See why one of the leading WordPress developers love Soliloquy:</p> <blockquote> <p>Soliloquy is just as easy to use as you&#8217;d hope, and its underlying code is solid. It follows WordPress coding conventions, is securely coded, and blends into the WordPress UI perfectly. I&#8217;ll definitely be recommending Soliloquy to anyone who needs a WordPress slider plugin!<br /> Mark Jaquith &#8211; Lead Developer for WordPress</p> </blockquote> <h4>Full Soliloquy Feature List</h4> <ul> <li>Guttenberg Blocks for WordPress 5.0</li> <li>Drag &amp; Drop Builder</li> <li>100% Responsive &#8211; Mobile Friendly</li> <li>Beautiful Templates for Customization</li> <li><a href="https://soliloquywp.com/addons/featured-content/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Featured Content</a> &#8211; Easily create slideshows based on blog posts, pages, products, testimonials, and other custom post types.</li> <li><a href="https://soliloquywp.com/addons/woocommerce-addon/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">WooCommerce</a> &#8211; Create beautiful product slides for your WooCommerce store.</li> <li><a href="https://soliloquywp.com/addons/lightbox/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Lightbox</a> &#8211; Create Lightbox slideshows for your photos and galleries.</li> <li><a href="https://soliloquywp.com/addons/carousel/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Carousel</a> &#8211; Create responsive carousels for your images, photos, videos, and galleries.</li> <li><a href="https://soliloquywp.com/addons/thumbnails/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Thumbnails</a> &#8211; Add thumbnail images as navigation.</li> <li><a href="https://soliloquywp.com/addons/instagram/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Instagram</a> &#8211; Import images from Instagram.</li> <li><a href="https://soliloquywp.com/addons/pdf/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">PDFs</a> &#8211; From your presentation slides and other PDF files.</li> <li><a href="https://soliloquywp.com/addons/pinterest/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Pinterest</a> &#8211; Easily add Pinterest &#8220;Pin It&#8221; buttons.</li> <li><a href="https://soliloquywp.com/addons/css/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">CSS Styles</a> &#8211; Customize with custom CSS.</li> <li><a href="https://soliloquywp.com/addons/protection-addon/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Image Protection</a> &#8211; Protect your images with Soliloquy protection addon.</li> <li><a href="https://soliloquywp.com/addons/schedule/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Schedule Slides</a> &#8211; Easily schedule items to display at specific time intervals.</li> <li><a href="https://soliloquywp.com/addons/defaults-addon/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Default Settings</a> &#8211; Speed up your creation with customized Default settings.</li> <li>Want us to add something else? Suggest a feature and we&#8217;ll get it added!</li> </ul> <blockquote> <p>We have used many sliders in the past building client WordPress sites and now only use Soliloquy. It is designer/developer friendly to customize and easy for our clients to use once the site is their hands. We don&#8217;t even consider using anything else.<br /> Brian Bourn &#8211; Expert WordPress Consultant</p> </blockquote> <h4>Demos</h4> <p>Soliloquy is truly the perfect combination of Easy and Powerful.</p> <p>While Soliloquy offers tons of features, below are some of the most requested demos.</p> <ul> <li><a href="https://soliloquywp.com/demo/carousel-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> Carousel Demo</a></li> <li><a href="https://soliloquywp.com/demo/featured-content-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> Featured Content Demo</a></li> <li><a href="https://soliloquywp.com/demo/lightbox-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> Lightbox Demo</a></li> <li><a href="https://soliloquywp.com/demo/video-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> Video Demo</a></li> <li><a href="https://soliloquywp.com/instagram-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> Instagram Demo</a></li> <li><a href="https://soliloquywp.com/demo/pdf-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> PDF Demo</a></li> <li><a href="https://soliloquywp.com/demo/html-slider-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> Custom HTML Slideshow Demo</a></li> <li><a href="https://soliloquywp.com/demo/slider-with-thumbnails-demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc"> Slideshow with Thumbnails Demo</a></li> <li>See the full list of <a href="https://soliloquywp.com/demo/?utm_source=wprepo&amp;utm_medium=link&amp;utm_campaign=liteversion" rel="friend nofollow ugc">Soliloquy Demos</a></li> </ul> <h4>Credits</h4> <h4>What&#8217;s Next</h4> <p>If you like Soliloquy, then consider checking out our other plugins:</p> <ul> <li><a href="http://enviragallery.com/" title="Envira Gallery" rel="friend nofollow ugc">Envira Gallery</a> &#8211; Best WordPress Gallery Plugin</li> <li><a href="https://wp-pdf.com/" title="WP-PDF Embedder" rel="friend nofollow ugc">WP-PDF Embedder</a> &#8211; Best WordPress PDF Embedding Plugin</li> </ul> <h3>Notes</h3> <p>In v2.0 of Soliloquy Lite, we introduce a big plugin architecture change. You need to make sure you click on the link and follow the instructions on the screen when updating.</p> <p>The pro version of Soliloquy has many more features and enables you to do so much more than Soliloquy Lite, such as add images from your Media Library and use your own custom videos from YouTube, Vimeo and Wistia!</p>
WordPress Plugin DirectoryWordPress Plugin Directory
2.51M