Lucene search
+L

129 matches found

patchstack
patchstack
added 2024/09/30 10:39 a.m.4 views

WordPress Slider & Popup Builder by Depicter plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Depicter Slider versions = 3.2.2...

5.9CVSS6.1AI score0.00262EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/09/30 9:17 a.m.3 views

WordPress Depicter plugin <= 3.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Depicter Slider versions = 3.2.2...

9.8CVSS7AI score0.00294EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/09/30 12:0 a.m.10 views

WordPress Depicter Slider Plugin <= 3.2.2 is vulnerable to Broken Access Control

Software Depicter Slider Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.5.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47359 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fe95aaab539d Credits Rafie Muhammad Patchstack...

9.8CVSS6.5AI score0.00294EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2024/09/30 12:0 a.m.13 views

WordPress Depicter Slider Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Depicter Slider Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.5.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47381 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c88e18af2d73 Credits savphill Required privilege Editor...

5.9CVSS6.5AI score0.00262EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/08/14 8:29 a.m.274 views

CVE-2024-4389 Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.1.1 - Authenticated (Contributor+) Arbitrary File Upload

The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadFile function in all versions up to, and including, 3.1.1. This makes it possible for authenticated attackers, with contributor access or higher...

8.8CVSS0.01021EPSS
Exploits0References3
euvd
euvd
added 2024/08/14 8:29 a.m.7 views

EUVD-2024-44022

The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadFile function in all versions up to, and including, 3.1.1. This makes it possible for authenticated attackers, with contributor access or higher...

8.8CVSS7.2AI score0.01021EPSS
Exploits0References3
patchstack
patchstack
added 2024/08/14 1:5 a.m.6 views

WordPress Depicter Slider plugin <= 3.1.1 - Authenticated (Contributor+) Arbitrary File Upload vulnerability

Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Depicter Slider versions = 3.1.1...

8.8CVSS7AI score0.01021EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2024/08/14 12:0 a.m.8 views

WordPress Depicter Slider Plugin <= 3.1.1 is vulnerable to Arbitrary File Upload

Software Depicter Slider Type Plugin Vulnerable versions = 3.1.1 Fixed in 3.1.2 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-4389 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 73585a151085 Credits Arkadiusz Hydzik Required privilege...

8.8CVSS6.8AI score0.01021EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2024/08/14 12:0 a.m.7 views

WordPress plugin Slider and Carousel slider by Depicter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

8.8CVSS6.8AI score0.01021EPSS
Exploits0References4
nvd
nvd
added 2024/08/12 10:15 p.m.27 views

CVE-2024-43161

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2...

5.9CVSS0.00278EPSS
Exploits0References1
attackerkb
attackerkb
added 2024/08/12 10:15 p.m.4 views

CVE-2024-43161

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2...

5.9CVSS5.2AI score0.00278EPSS
Exploits0References2
osv
osv
added 2024/08/12 10:15 p.m.3 views

CVE-2024-43161

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2...

4.8CVSS5.8AI score0.00278EPSS
Exploits0References1
cve
cve
added 2024/08/12 10:1 p.m.52 views

CVE-2024-43161

CVE-2024-43161 involves an improperly neutralized input in Averta Depicter Slider, enabling stored XSS. Affected: Depicter Slider versions up to and including 3.1.2. Mode of attack: authenticated (Editor+) Stored Cross-Site Scripting. Impact is cross-site script execution within the application c...

5.9CVSS5.8AI score0.00278EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2024/08/12 10:1 p.m.21 views

CVE-2024-43161 WordPress Slider & Popup Builder by Depicter plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2...

5.9CVSS5.8AI score0.00278EPSS
Exploits0References1
cvelist
cvelist
added 2024/08/12 10:1 p.m.32 views

CVE-2024-43161 WordPress Slider & Popup Builder by Depicter plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2...

5.9CVSS0.00278EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/08/12 12:0 a.m.5 views

WordPress plugin Depicter Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...

5.9CVSS6.6AI score0.00278EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/08/12 12:0 a.m.10 views

PT-2024-30353 · Unknown · Averta Depicter Slider

Name of the Vulnerable Software and Affected Versions: Averta Depicter Slider versions n/a through 3.1.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: F...

5.9CVSS5.6AI score0.00278EPSS
Exploits0References6
patchstack
patchstack
added 2024/08/07 1:16 p.m.8 views

WordPress Slider & Popup Builder by Depicter plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Depicter Slider versions = 3.1.2...

5.9CVSS6.1AI score0.00278EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2024/08/07 12:0 a.m.13 views

WordPress Depicter Slider Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Depicter Slider Type Plugin Vulnerable versions = 3.1.2 Fixed in 3.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43161 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8a6b4ac82b8a Credits savphill Required privilege Editor...

5.9CVSS6.6AI score0.00278EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2024/07/22 9:15 a.m.20 views

CVE-2024-37414

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.0.2...

5.9CVSS0.00259EPSS
Exploits0References1
Rows per page
Query Builder