Lucene search
K
AvertaDepicter Slider

4 matches found

CVE
CVE
added 2024/08/12 10:1 p.m.52 views

CVE-2024-43161

CVE-2024-43161 involves an improperly neutralized input in Averta Depicter Slider, enabling stored XSS. Affected: Depicter Slider versions up to and including 3.1.2. Mode of attack: authenticated (Editor+) Stored Cross-Site Scripting. Impact is cross-site script execution within the application c...

5.9CVSS5.8AI score0.00278EPSS
CVE
CVE
added 2024/01/05 2:2 a.m.50 views

CVE-2023-6493

The Depicter Slider WordPress plugin (Averta Depicter Slider) is vulnerable to Cross-Site Request Forgery in all versions up to 2.0.6 due to missing/incorrect nonce validation on the save function. Unauthenticated attackers can modify plugin settings by tricking an administrator into performing a...

4.3CVSS4.6AI score0.00198EPSS
CVE
CVE
added 2024/10/05 2:58 p.m.49 views

CVE-2024-47381

CVE-2024-47381 is a stored XSS in Averta Depicter Slider (WordPress Slider & Popup Builder). Public sources confirm vulnerability in Depicter Slider up to version 3.2.2, with a fixed release in 3.5.0. Root cause: improper neutralization of input during web page generation that enables stored XSS....

5.9CVSS5.9AI score0.00262EPSS
CVE
CVE
added 2024/12/13 2:22 p.m.34 views

CVE-2022-47176

CVE-2022-47176 affects WordPress Depicter Slider (plugin) up to version 1.9.0. Root cause: missing authorization check leading to broken access control. Impact is described as low to medium (CVSS 4.3). Public details come from multiple sources (Wordfence entry, Red Hat/CNVD entries, Patchstack sy...

4.3CVSS8.5AI score0.00518EPSS