{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-39467", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-04-07T10:41:57.169Z", "datePublished": "2026-04-21T09:35:29.246Z", "dateUpdated": "2026-04-21T09:35:29.246Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-21T09:35:29.246Z"}, "title": "WordPress Responsive Slider by MetaSlider plugin <= 3.106.0 - PHP Object Injection vulnerability", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-502", "description": "CWE-502 Deserialization of Untrusted Data", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "CAPEC-586 Object Injection"}]}], "affected": [{"vendor": "MetaSlider", "product": "Responsive Slider by MetaSlider", "collectionURL": "https://wordpress.org/plugins", "packageName": "ml-slider", "versions": [{"status": "affected", "version": "n/a", "lessThanOrEqual": "3.106.0", "changes": [{"at": "3.107.0", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.<p>This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0.</p>"}]}], "tags": ["x_open-source"], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/ml-slider/vulnerability/wordpress-responsive-slider-by-metaslider-plugin-3-106-0-php-object-injection-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "Update the WordPress Responsive Slider by MetaSlider Plugin to the latest available version (at least 3.107.0).", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Update the WordPress Responsive Slider by MetaSlider Plugin to the latest available version (at least 3.107.0)."}]}], "credits": [{"lang": "en", "value": "daroo", "user": "00000000-0000-4000-9000-000000000000", "type": "finder"}, {"lang": "en", "value": "Marc-Andr\u00e9 Beaulieu (h3dg3h0g)", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0."}], "id": "CVE-2026-39467", "lastModified": "2026-04-21T10:16:29.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-04-21T10:16:29.280", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/wordpress/plugin/ml-slider/vulnerability/wordpress-responsive-slider-by-metaslider-plugin-3-106-0-php-object-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "audit@patchstack.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,3.106.0]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Responsive Slider by MetaSlider", "source": "cna", "vendor": "MetaSlider"}, "product": "responsive_slider_by_metaslider", "vendor": "metaslider"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-22T03:23:17.892537+00:00", "value": {"mitigation_remediation": ["Update the Responsive Slider by MetaSlider plugin to at least version\u00a03.107.0 to apply the vendor fix.", "If an immediate update is not possible, temporarily deactivate or delete the plugin to eliminate the attack surface until the patch can be applied.", "As a short\u2011term measure, restrict or monitor any endpoints that allow serialized input, and ensure WordPress is configured to disallow unserialization of data from untrusted sources."], "summary": {"action": "Patch Now", "impact": "Object injection potentially enabling arbitrary code execution"}, "threat_synthesis": {"affected_systems": "The product affected is the WordPress plugin MetaSlider Responsive Slider by MetaSlider. All releases from the earliest version up to 3.106.0 are vulnerable. Any WordPress site that has not upgraded to at least 3.107.0 remains at risk.", "description_and_impact": "The vulnerability is a deserialization of untrusted data that permits PHP object injection, classified as CWE-502. It exists in MetaSlider Responsive Slider by MetaSlider plugin through version 3.106.0. Based on the description, it is inferred that an attacker could craft a serialized payload that, when deserialized by the plugin, creates arbitrary PHP objects and could trigger remote code execution or other malicious actions. The plugin does not perform input validation on the data it deserializes, allowing the injection of crafted payloads and potentially compromising site integrity and confidentiality.", "risk_and_exploitability": "The CVSS score of 7.2 indicates high severity, while the EPSS score of below 1% suggests that exploitation is currently rare and it is not listed in the CISA KEV catalog. The likely attack vector is through the plugin\u2019s functionality that accepts serialized data from external requests; this inference is drawn from the nature of the flaw. No public exploit is documented, but the potential for arbitrary code execution exists if an attacker can supply crafted input. The overall risk is high for affected installations, though the probability of exploitation is low at present."}}}}, "created": "2026-04-22T03:30:06.686995+00:00", "updated": "2026-04-22T11:46:39.080754+00:00", "vendors": ["metaslider", "metaslider$PRODUCT$responsive_slider_by_metaslider", "wordpress", "wordpress$PRODUCT$wordpress"]}