Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
master slider vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-20368
The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.
Averta Master Slider 3.5.1
Averta Master Slider 3.2.7
NA
CVE-2023-47506
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Master slider Master Slider Pro allows SQL Injection.This issue affects Master Slider Pro: from n/a up to and including 3.6.5.
Masterslider Master Slider
NA
CVE-2023-47508
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Averta Master Slider Pro plugin <= 3.6.5 versions.
Averta Master Slider
NA
CVE-2023-47507
Deserialization of Untrusted Data vulnerability in Master Slider Master Slider Pro.This issue affects Master Slider Pro: from n/a up to and including 3.6.5.
Averta Master Slider Pro
NA
CVE-2024-32580
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a up to and including 3.9.8.
NA
CVE-2024-32600
Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a up to and including 3.9.5.
NA
CVE-2023-6326
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.3. This is due to missing or incorrect nonce validation on the 'process_bulk_action' function. This makes it poss...
NA
CVE-2024-0611
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slides callback functionality in all versions up to, and including, 3.9.5. This makes it possible for authenticated attackers, with editor-level access, to ...
NA
CVE-2024-1449
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_slide shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied att...
NA
CVE-2024-3273
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The mani...
Dlink Dns-320l Firmware -
Dlink Dns-120 Firmware -
Dlink Dnr-202l Firmware -
Dlink Dns-315l Firmware -
Dlink Dns-320 Firmware -
Dlink Dns-320lw Firmware -
Dlink Dns-321 Firmware -
Dlink Dnr-322l Firmware -
Dlink Dns-323 Firmware -
Dlink Dns-325 Firmware -
Dlink Dns-326 Firmware -
Dlink Dns-327l Firmware -
Dlink Dnr-326 Firmware -
Dlink Dns-340l Firmware -
Dlink Dns-343 Firmware -
Dlink Dns-345 Firmware -
Dlink Dns-726-4 Firmware -
Dlink Dns-1100-4 Firmware -
Dlink Dns-1200-05 Firmware -
Dlink Dns-1550-04 Firmware -
6 Github repositories
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started