Lucene search
K

123 matches found

Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.6 views

PT-2025-38874

Name of the Vulnerable Software and Affected Versions averta Master Slider versions through 3.11.0 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious code can be inject...

6.5CVSS6.2AI score0.00197EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:49 a.m.18 views

CVE-2024-43161

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2...

5.9CVSS6.8AI score0.00278EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.5 views

CVE-2024-31099

Missing Authorization vulnerability in Averta Shortcodes and extra features for Phlox theme auxin-elements.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.7...

8.8CVSS7AI score0.00361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:1 a.m.6 views

CVE-2024-47381

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in averta Depicter Slider depicter allows Stored XSS.This issue affects Depicter Slider: from n/a through = 3.2.2...

5.9CVSS5.9AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.9 views

CVE-2024-32580

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8...

6.5CVSS5.2AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:44 a.m.8 views

CVE-2024-37414

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.0.2...

5.9CVSS6.8AI score0.00259EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:20 a.m.6 views

CVE-2024-47359

Cross-Site Request Forgery CSRF vulnerability in averta Depicter Slider depicter.This issue affects Depicter Slider: from n/a through = 3.2.2...

9.8CVSS5.9AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.13 views

CVE-2023-39163

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Shop allows PHP Local File Inclusion.This issue affects Phlox Shop: from n/a through 2.0.0...

8.6CVSS6.8AI score0.006EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:24 a.m.8 views

CVE-2023-38399

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Averta Phlox Portfolio allows PHP Local File Inclusion.This issue affects Phlox Portfolio: from n/a through 2.3.1...

8.6CVSS6.8AI score0.006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:18 a.m.9 views

CVE-2023-51491

Cross-Site Request Forgery CSRF vulnerability in Averta Depicter Slider.This issue affects Depicter Slider: from n/a through 2.0.6...

8.8CVSS4.9AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:9 a.m.12 views

CVE-2023-47508

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Averta Master Slider Pro plugin = 3.6.5 versions...

7.1CVSS5.9AI score0.00412EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:17 p.m.10 views

CVE-2025-39412

Missing Authorization vulnerability in averta Master Slider master-slider.This issue affects Master Slider: from n/a through = 3.11.0...

4.3CVSS7.2AI score0.00198EPSS
Exploits0References1
NVD
NVD
added 2025/05/19 6:15 p.m.13 views

CVE-2025-39412

Missing Authorization vulnerability in averta Master Slider master-slider.This issue affects Master Slider: from n/a through = 3.11.0...

4.3CVSS0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/19 5:25 p.m.19 views

CVE-2025-39412 WordPress Master Slider plugin <= 3.11.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in averta Master Slider master-slider.This issue affects Master Slider: from n/a through = 3.11.0...

4.3CVSS8.6AI score0.00198EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 5:25 p.m.57 views

CVE-2025-39412

CVE-2025-39412 is a Missing Authorization issue affecting WordPress Master Slider/Master Slider plugin. Public details show: Averta Master Slider affected up to version 3.10.8; Master Slider plugin affected up to 3.11.0 (per Patchstack). Applicable CVSS base metrics indicate low to moderate impac...

4.3CVSS7.2AI score0.00198EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/19 5:25 p.m.17 views

CVE-2025-39412 WordPress Master Slider plugin <= 3.11.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in averta Master Slider master-slider.This issue affects Master Slider: from n/a through = 3.11.0...

4.3CVSS0.00198EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/22 12:0 a.m.9 views

PT-2025-17530 · Averta +1 · Master Slider

Name of the Vulnerable Software and Affected Versions: Averta Master Slider versions 3.10.8 and earlier Master Slider Plugin versions 3.10.7 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects the Master Slider Plugin on WordPress,...

4.3CVSS5.3AI score0.00198EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/02/05 7:9 a.m.10 views

CVE-2024-32600

Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5...

9.6CVSS5.2AI score0.00492EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:37 a.m.10 views

CVE-2024-37222

Cross Site Scripting XSS vulnerability in Averta Master Slider allows Reflected XSS.This issue affects Master Slider: from n/a through 3.10.0...

7.1CVSS5.9AI score0.00327EPSS
Exploits0References1
OSV
OSV
added 2025/02/03 3:15 p.m.3 views

CVE-2024-50500

Missing Authorization vulnerability in By Averta Shortcodes and extra features for Phlox theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.2...

9.8CVSS5.8AI score0.00412EPSS
Exploits0References1
Rows per page
Query Builder