Master Slider@* Security Vulnerabilities and Issues — Master Slider@* CVE List

Lucene search

AvertaMaster Slider*

11 matches found

CVE•added 2024/04/18 11:15 a.m.•76 views

CVE-2024-32600

Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5.

9.6CVSS8.2AI score0.0051EPSS

CVE•added 2024/03/02 12:16 p.m.•70 views

CVE-2024-0611

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slides callback functionality in all versions up to, and including, 3.9.5. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scri...

4.8CVSS4.5AI score0.00217EPSS

CVE•added 2024/03/02 12:15 p.m.•64 views

CVE-2023-6326

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.3. This is due to missing or incorrect nonce validation on the 'process_bulk_action' function. This makes it possible for unauthenticated attackers ...

5.4CVSS6.1AI score0.00047EPSS

CVE•added 2024/04/18 10:15 a.m.•63 views

CVE-2024-32580

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8.

6.5CVSS6.4AI score0.00133EPSS

CVE•added 2024/03/02 12:16 p.m.•60 views

CVE-2024-1449

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_slide shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS5.8AI score0.00094EPSS

CVE•added 2024/06/20 3:15 p.m.•57 views

CVE-2024-37222

Cross Site Scripting (XSS) vulnerability in Averta Master Slider allows Reflected XSS.This issue affects Master Slider: from n/a through 3.10.0.

7.1CVSS6.6AI score0.00098EPSS

CVE•added 2024/05/21 7:15 a.m.•47 views

CVE-2024-4470

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_slide_info' shortcode in all versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied 'tag_name' attribute. This...

6.4CVSS5.7AI score0.00169EPSS

CVE•added 2024/06/19 10:15 a.m.•44 views

CVE-2023-50900

Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.10.

4.3CVSS4.6AI score0.00048EPSS

CVE•added 2024/06/18 3:15 a.m.•44 views

CVE-2024-4375

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_layer' shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'css_id' user supplied attribute. This m...

6.4CVSS5.5AI score0.00111EPSS

CVE•added 2024/07/26 6:15 a.m.•40 views

CVE-2024-6490

During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user to manipulate requests on behalf of the victim and thereby delete all of the sliders inside Master Slider WordPress plugin through 3.9.10.

6.5CVSS6.4AI score0.00017EPSS

CVE•added 2024/06/01 5:15 a.m.•20 views

CVE-2023-6382

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_slide' shortcode in all versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied 'css_class' attribute. This mak...

6.4CVSS5.9AI score0.00197EPSS