Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
LambertGroup Content Slider: Reflected Attack Risk
CVE-2026-28109
Summary
A security issue in the LambertGroup Content Slider plugin for websites allows attackers to inject malicious code that can harm users. This affects all versions from an unknown date up to 3.8. To fix this, please update to the latest version of the plugin.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Content Slider all-in-one-contentSlider allows Reflected...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Content Slider all-in-one-contentSlider allows Reflected XSS.This issue affects LambertGroup - AllInOne - Content Slider: from n/a through <= 3.8.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026