Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider

{
    "slug": "ml-slider",
    "finding_count": 3,
    "findings": [
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/InterchangeBuilder.php",
            "line": 182,
            "snippet": "return eval('return array(' . $contents . ');');",
            "confidence": "medium"
        },
        {
            "pattern": "base64_decode",
            "kind": "builtin",
            "file": "lib/htmlpurifier/library/HTMLPurifier/URIScheme/data.php",
            "line": 78,
            "snippet": "$raw_data = base64_decode($data);",
            "confidence": "medium"
        },
        {
            "pattern": "eval_call",
            "kind": "builtin",
            "file": "lib/htmlpurifier/library/HTMLPurifier/VarParser/Native.php",
            "line": 30,
            "snippet": "$result = eval(\"\\$var = $expr;\");",
            "confidence": "medium"
        }
    ],
    "resolved_sha": "7438698b9fc37feca91cb4442de769eb6bda1e7c"
}

{
    "slug": "ml-slider",
    "pattern": "unserialize_after_remote_call",
    "kind": "builtin",
    "version": "3.108.0",
    "hit_count": 3,
    "first_hit": {
        "file": "lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php",
        "line": 73,
        "snippet": "L73: return unserialize(file_get_contents($file));  \u2192  L73: return unserialize(file_get_contents($file));"
    },
    "explanation": "a remote HTTP fetch (`wp_remote_*`/`curl_exec`/`file_get_contents`) is followed by `@unserialize` within the same file \u2014 classic PHP Object Injection C2 gadget used by EP and most WP supply-chain backdoors. The error-suppressed form is the tell: legit code wants to know when deserialize fails; attackers suppress so malformed gadgets do not leak."
}

{
    "slug": "ml-slider",
    "previous_version": "3.108.0",
    "current_version": "3.108.0",
    "new_findings": [
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php",
            "line": 73,
            "snippet": "L73: return unserialize(file_get_contents($file));  \u2192  L73: return unserialize(file_get_contents($file));",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "lib/htmlpurifier/library/HTMLPurifier/ConfigSchema.php",
            "line": 72,
            "snippet": "L71: $contents = file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/sc  \u2192  L72: $r = unserialize($contents);",
            "confidence": "high"
        },
        {
            "pattern": "unserialize_after_remote_call",
            "kind": "builtin",
            "file": "lib/htmlpurifier/library/HTMLPurifier/EntityLookup.php",
            "line": 26,
            "snippet": "L26: $this->table = unserialize(file_get_contents($file));  \u2192  L26: $this->table = unserialize(file_get_contents($file));",
            "confidence": "high"
        }
    ],
    "new_finding_count": 3
}