Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
UberSlider Classic: Malicious Code Injection
CVE-2026-28102
Summary
A security issue in UberSlider Classic could allow hackers to inject malicious code into web pages, potentially stealing user data or taking control of a website. If not patched, this issue could lead to unauthorized access to sensitive information. Update to version 2.6 or later to fix the issue.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Classic uberSlider_classic allows Reflected XSS.This issue affects Uber...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Classic uberSlider_classic allows Reflected XSS.This issue affects UberSlider Classic: from n/a through <= 2.5.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026