Master Slider Security Vulnerabilities and Issues — Master Slider CVE List

Lucene search

AvertaMaster Slider

9 matches found

CVE•added 2024/04/18 10:15 a.m.•63 views

CVE-2024-32580

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8.

6.5CVSS6.4AI score0.00133EPSS

CVE•added 2024/03/02 12:16 p.m.•60 views

CVE-2024-1449

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_slide shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS5.8AI score0.00094EPSS

CVE•added 2024/05/21 7:15 a.m.•47 views

CVE-2024-4470

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_slide_info' shortcode in all versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied 'tag_name' attribute. This...

6.4CVSS5.7AI score0.00169EPSS

CVE•added 2024/06/18 3:15 a.m.•44 views

CVE-2024-4375

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_layer' shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'css_id' user supplied attribute. This m...

6.4CVSS5.5AI score0.00207EPSS

CVE•added 2025/03/05 10:15 a.m.•41 views

CVE-2024-13757

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_layer shortcode in all versions up to, and including, 3.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

6.4CVSS5.9AI score0.00057EPSS

CVE•added 2025/03/05 10:15 a.m.•40 views

CVE-2024-11731

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_slider shortcode in all versions up to, and including, 3.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possi...

6.4CVSS5.9AI score0.00057EPSS

CVE•added 2024/07/26 6:15 a.m.•40 views

CVE-2024-6490

During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user to manipulate requests on behalf of the victim and thereby delete all of the sliders inside Master Slider WordPress plugin through 3.9.10.

6.5CVSS6.4AI score0.00017EPSS

CVE•added 2024/06/01 5:15 a.m.•20 views

CVE-2023-6382

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_slide' shortcode in all versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied 'css_class' attribute. This mak...

6.4CVSS5.9AI score0.00197EPSS

CVE•added 2025/06/17 12:15 p.m.•18 views

CVE-2025-5291

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's masterslider_pb and ms_slide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes....

6.4CVSS5.7AI score0.00044EPSS