CVE-2026-14244
Last modified
CVE-2026-14244 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The Jssor Slider by jssor.com plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.1.24 via the 'url' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.. EPSS estimates a 0.69% chance of exploitation in the next 30 days.
Description
The Jssor Slider by jssor.com plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.1.24 via the 'url' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| jssor | Jssor Slider by jssor.com | <= 3.1.24 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14244?
How severe is CVE-2026-14244?
How do I fix CVE-2026-14244?
Related CVEs from 2026
- CVE-2026-14209A vulnerability was discovered in Keycloak's Admin UI extens…4.3
- CVE-2026-1421A vulnerability has been found in code-projects Online Exami…5.4
- CVE-2026-1422A vulnerability was found in code-projects Online Examinatio…9.8
- CVE-2026-1423A vulnerability was determined in code-projects Online Exami…9.8
- CVE-2026-1424A vulnerability was identified in PHPGurukul News Portal 1.0…7.2
- CVE-2026-14241Memory safety bugs present in Firefox 152.0.3. Some of these…9.8
- CVE-2026-14245The miniOrange OTP Login, Verification and SMS Notifications…9.8
- CVE-2026-14249The Request a Quote plugin for WordPress is vulnerable to Co…7.5
- CVE-2026-1425A security flaw has been discovered in pymumu SmartDNS up to…6.3
- CVE-2026-14250The Themehunk Login Registration plugin for WordPress is vul…6.3
- CVE-2026-14258A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router …6.5
- CVE-2026-1426The Advanced AJAX Product Filters plugin for WordPress is vu…8.8
Are you affected by CVE-2026-14244?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
