Master Slider Security Vulnerabilities and Issues — Master Slider CVE List

Lucene search

AvertaMaster Slider

3 matches found

CVE•added 2024/03/02 12:16 p.m.•70 views

CVE-2024-0611

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slides callback functionality in all versions up to, and including, 3.9.5. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scri...

4.8CVSS4.5AI score0.00217EPSS

CVE•added 2024/03/02 12:15 p.m.•64 views

CVE-2023-6326

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.3. This is due to missing or incorrect nonce validation on the 'process_bulk_action' function. This makes it possible for unauthenticated attackers ...

5.4CVSS6.1AI score0.00047EPSS

CVE•added 2024/03/02 12:16 p.m.•60 views

CVE-2024-1449

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_slide shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS5.8AI score0.00094EPSS