Social Slider Feed – Social Media Feed & Gallery Widgets

Vulnerabilities 23Slug instagram-slider-widgetLatest version 2.3.4WordPress.org →

Minimum safe version

2.3.3

Update to 2.3.3 or later to address 23 fixable vulnerabilities

Latest available2.3.4 ✓

N/A

2026-04-16< 2.3.3

Social Slider Feed <= 2.3.2 - Unauthenticated Stored Cross-Site Scripting

Wordfence CVE

Medium 4.8

2025-05-15< 2.2.9

CVE-2024-10149

CVE EUVD Wordfence

Low 3.5

2025-04-21< 2.2.9

WordPress Social Slider Feed Plugin < 2.2.9 is vulnerable to Cross Site Scripting (XSS)

Patchstack Wordfence CVE

Medium 4.3

2024-11-01< 2.2.5

CVE-2024-43215

CVE Patchstack Wordfence

N/A

< 2.0.5

Social Slider Feed < 2.0.5 - Subscriber+ Stored XSS via Feeds

WPScan

N/A

< 2.0.5

Social Slider Feed < 2.0.5 - Subscriber+ Arbitrary Feed Deletion

WPScan

N/A

< 2.0.5

Social Slider Feed < 2.0.5 - Subscriber+ Arbitrary API Key Update to Stored XSS

WPScan

N/A

< 2.0.5

Social Slider Feed < 2.0.5 - Reflected Cross-Site Scripting

WPScan

N/A

< 2.0.6

Social Slider Feed < 2.0.6 - Admin+ Stored XSS via API Key

WPScan

N/A

< 2.0.7

Social Slider Feed < 2.0.7 - Admin+ Stored XSS via Feeds

WPScan

N/A

2022-08-01< 2.0.5

Social Slider Feed <= 2.0.4 - Missing Authorization

Wordfence

N/A

2022-08-01< 2.0.5

Social Slider Feed <= 2.0.4 - Authenticated (Scubscriber+) Stored Cross-Site Scripting

Wordfence

N/A

2022-08-01< 2.0.5

Social Slider Feed <= 2.0.4 - Missing Authorization to Cross-Site Scripting

Wordfence

N/A

2022-08-01< 2.0.5

Social Slider Feed <= 2.0.4 - Reflected Cross-Site Scripting

Wordfence

N/A

2022-08-02< 2.0.6

Social Slider Feed <= 2.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Wordfence

N/A

2022-08-09< 2.0.7

Social Slider Feed <= 2.0.6 - Authenticated (Admin+) Stored Cross-Site Scripting

Wordfence

N/A

2022-08-09< 2.0.7

WordPress Social Slider Feed plugin <= 2.0.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2022-08-02< 2.0.6

WordPress Social Slider Feed plugin <= 2.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2022-08-01< 2.0.5

WordPress Social Slider Feed plugin <= 2.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2022-08-01< 2.0.5

WordPress Social Slider Feed plugin <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2022-08-01< 2.0.5

WordPress Social Slider Feed plugin <= 2.0.4 - Authenticated Arbitrary Feed Deletion vulnerability

Patchstack

N/A

2022-08-01< 2.0.5

WordPress Social Slider Feed plugin <= 2.0.4 - Authenticated Arbitrary API Key Update vulnerability leading to Stored Cross-Site Scripting (XSS)

Patchstack

Medium 5.4

2023-03-15< 1.8.5

WordPress Social Slider Feed Plugin <= 1.8.4 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan