Description
WordPress Plugin Slideshow is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Slideshow version 2.2.21 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.2.22 or latest
References
http://www.openwall.com/lists/oss-security/2015/05/01/7
http://seclists.org/oss-sec/2015/q2/325
http://www.openwall.com/lists/oss-security/2015/05/02/12
https://wordpress.org/plugins/slideshow-jquery-image-gallery/changelog/
Related Vulnerabilities
Zope Web Application Server Other Vulnerability (CVE-2002-0687)
TYPO3 Uncontrolled Recursion Vulnerability (CVE-2022-23500)
WordPress 4.8.x Cross-Domain Flash Injection Vulnerability (4.8 - 4.8.4)
MySQL CVE-2014-2419 Vulnerability (CVE-2014-2419)
WordPress 'wp-login.php' HTTP Response Splitting Vulnerability (1.2)