Directory Traversal Vulnerability in Jssor Slider Plugin for WordPress
CVE-2026-14244
7.5HIGH
What is CVE-2026-14244?
The Jssor Slider plugin for WordPress is susceptible to a directory traversal vulnerability due to improper validation of the 'url' parameter. This flaw can be exploited by unauthenticated attackers, allowing them to access and read arbitrary files on the server. If successfully exploited, this may lead to the exposure of sensitive information that could compromise the integrity and confidentiality of the affected site. Users of the plugin are strongly advised to update to the latest version to mitigate this security risk.
Affected Version(s)
Jssor Slider by jssor.com 0 <= 3.1.24