Averta

averta

44 CVEs • 6 products

Products (6)

Click to collapse

Toggle

Shortcodes And Extra Features For Phlox Theme

shortcodes_and_extra_features_for_phlox_theme

Depicter Slider

depicter_slider

Master Slider Pro

master_slider_pro

CVEs (44)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-47508 1Averta 1Master Slider Jun 17, 2026 Nov 16, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Averta Master Slider Pro plugin <= 3.6.5 versions.
CVE-2022-3359 1Averta 1Shortcodes And Extra Features For Phlox Theme Jun 17, 2026 Dec 12, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 The Shortcodes and extra features for Phlox theme WordPress plugin before 2.10.7 unserializes the content of an imported file, which could lead to PHP object injection when a user imports (intentionally or not) a malicio...Show more The Shortcodes and extra features for Phlox theme WordPress plugin before 2.10.7 unserializes the content of an imported file, which could lead to PHP object injection when a user imports (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.Show less
CVE-2022-1910 1Averta 1Shortcodes And Extra Features For Phlox Theme Jun 17, 2026 Jul 11, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Shortcodes and extra features for Phlox WordPress plugin before 2.9.8 does not sanitise and escape a parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting
CVE-2018-20368 1Averta 1Master Slider Nov 21, 2024 Dec 23, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.