Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
UberSlider Ultra allows hackers to inject malicious code on your website
CVE-2026-28099
Summary
A security issue in UberSlider Ultra, a popular web slider plugin, allows hackers to inject malicious code on your website. This could lead to unauthorized access to your site or stealing of sensitive user information. Update to version 2.4 or later to fix this issue.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Ultra uberSlider_ultra allows Reflected XSS.This issue affects UberSlid...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Ultra uberSlider_ultra allows Reflected XSS.This issue affects UberSlider Ultra: from n/a through <= 2.3.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026