CVE-2025-68558

Missing Authorization vulnerability in averta Depicter Slider depicter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Depicter Slider: from n/a through = 4.0.4...

CVE-2025-68558

Missing Authorization vulnerability in averta Depicter Slider depicter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Depicter Slider: from n/a through = 4.0.4...

CVE-2025-68558

Missing Authorization vulnerability in averta Depicter Slider depicter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Depicter Slider: from n/a through = 4.0.4...

CVE-2025-68558 WordPress Depicter Slider plugin <= 4.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in averta Depicter Slider depicter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Depicter Slider: from n/a through = 4.0.4...

CVE-2025-68558

CVE-2025-68558 : A missing/incorrect authorization control in averta Depicter Slider (Depicter) allows unauthorized access due to misconfigured access control levels. Affected: Depicter Slider up to and including version 4.0.4. Impact/notes: CVSS 3.1 base score 6.5 (Medium); attack vector Network...

CVE-2025-68558 WordPress Depicter Slider plugin <= 4.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in averta Depicter Slider depicter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Depicter Slider: from n/a through = 4.0.4...

WordPress plugin Depicter Slider has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4082

Name of the Vulnerable Software and Affected Versions averta Depicter Slider versions through 4.0.4 Description An issue exists in averta Depicter Slider where incorrectly configured access control security levels can be exploited, leading to a missing authorization condition. Recommendations...

CVE-2025-11370

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'store' function of the...

CVE-2025-11370

CVE-2025-11370 concerns the Depicter — Popup & Slider Builder plugin for WordPress (versions up to 4.0.7). The vulnerability arises from a missing capability check in RulesAjaxController::store, enabling unauthenticated users to modify popup display settings. Wordfence’s vulnerability entry (and ...

CVE-2025-11370 Depicter <= 4.0.7 - Missing Authorization to Unauthenticated Display Rule Updates

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'store' function of the...

CVE-2025-11370 Depicter <= 4.0.7 - Missing Authorization to Unauthenticated Display Rule Updates

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'store' function of the...

PT-2026-1397

Name of the Vulnerable Software and Affected Versions Popup and Slider Builder by Depicter versions through 4.0.7 Description The Popup and Slider Builder by Depicter plugin for WordPress is susceptible to unauthorized data modification. A missing capability check within the store function of the...

WordPress plugin Depicter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress Depicter plugin <= 4.0.7 - Missing Authorization to Unauthenticated Display Rule Updates vulnerability

Missing Authorization to Unauthenticated Display Rule Updates vulnerability discovered by Brizzle in WordPress Plugin Depicter Slider versions = 4.0.7...

WordPress Depicter Slider plugin <= 4.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Edisc1 in WordPress Plugin Depicter Slider versions = 4.0.4...

WordPress Depicter plugin <= 4.0.4 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Depicter Slider versions = 4.0.4...

CVE-2025-11373

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability checks in the "depicter-media-upload" AJAX route in all...

CVE-2025-11373

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability checks in the "depicter-media-upload" AJAX route in all...

CVE-2025-11373 Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload

The Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability checks in the "depicter-media-upload" AJAX route in all...