Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Averta — Vulnerabilities & Security Advisories 56

Browse all 56 CVE security advisories affecting Averta. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Averta:Shortcodes and extra features for Phlox themeMaster Slider – Responsive Touch SliderDepicter — Popup & Slider BuilderDepicter SliderMaster SliderPremium Portfolio Features for Phlox themeMaster Slider ProPhlox ShopPhlox PortfolioPhlox PROPhlox
CVE IDTitleCVSSSeverityPaused
CVE-2025-68558 WordPress Depicter Slider plugin <= 4.0.4 - Broken Access Control vulnerability — Depicter SliderCWE-862 6.5 Medium2026-01-22
CVE-2025-12379 Shortcodes and extra features for Phlox theme <= 2.17.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading Widget — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2026-01-10
CVE-2025-4776 Phlox <= 2.17.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-caption` HTML Attribute — PhloxCWE-79 6.4 Medium2026-01-06
CVE-2025-13215 Shortcodes and extra features for Phlox theme <= 2.17.13 - Unauthenticated Draft Posts Information Exposure — Shortcodes and extra features for Phlox themeCWE-200 5.3 Medium2026-01-06
CVE-2025-11370 Depicter <= 4.0.7 - Missing Authorization to Unauthenticated Display Rule Updates — Depicter — Popup & Slider BuilderCWE-862 5.3 Medium2026-01-06
CVE-2025-69016 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Broken Access Control vulnerability — Shortcodes and extra features for Phlox themeCWE-862 8.1 -2025-12-30
CVE-2025-63071 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Sensitive Data Exposure vulnerability — Shortcodes and extra features for Phlox themeCWE-201 7.5AIHighAI2025-12-09
CVE-2025-63045 WordPress Master Slider Pro plugin <= 3.7.12 - Cross Site Scripting (XSS) vulnerability — Master Slider ProCWE-79 6.1AIMediumAI2025-12-09
CVE-2025-12497 Premium Portfolio Features for Phlox theme <= 2.3.10 - Unauthenticated Local File Inclusion via args[extra_template_path] — Premium Portfolio Features for Phlox themeCWE-98 8.1 High2025-11-05
CVE-2025-11373 Popup and Slider Builder by Depicter – Add Email collecting Popup, Popup Modal, Coupon Popup, Image Slider, Carousel Slider, Post Slider Carousel <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload — Depicter — Popup & Slider BuilderCWE-862 4.3 Medium2025-11-05
CVE-2025-8383 Depicter <= 4.0.4 - Cross-Site Request Forgery — Depicter — Popup & Slider BuilderCWE-352 4.3 Medium2025-10-31
CVE-2025-58025 WordPress Master Slider Plugin <= 3.11.0 - Cross Site Scripting (XSS) Vulnerability — Master SliderCWE-79 6.5 Medium2025-09-22
CVE-2025-5291 Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2025-06-17
CVE-2025-39412 WordPress Master Slider plugin <= 3.11.0 - Broken Access Control vulnerability — Master SliderCWE-862 4.3 Medium2025-05-19
CVE-2025-2011 Slider & Popup Builder by Depicter <= 3.6.1 - Unauthenticated SQL Injection via 's' Parameter — Depicter — Popup & Slider BuilderCWE-89 7.5 High2025-05-06
CVE-2024-11731 Master Slider – Responsive Touch Slider <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_slider Shortcode — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2025-03-05
CVE-2024-13757 Master Slider – Responsive Touch Slider <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2025-03-05
CVE-2024-50500 WordPress Phlox Core Elements plugin <= 2.17.4 - Broken Access Control vulnerability — Shortcodes and extra features for Phlox themeCWE-862 4.3 Medium2025-02-03
CVE-2024-12588 Shortcodes and extra features for Phlox theme <= 2.17.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Staff Widget — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-12-21
CVE-2024-9545 Shortcodes and extra features for Phlox theme <= 2.17.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via aux_contact_box and aux_gmaps Shortcodes — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-12-21
CVE-2022-47176 WordPress Depicter Slider plugin <= 1.9.0 - Broken Access Control vulnerability — Depicter SliderCWE-862 4.3 Medium2024-12-13
CVE-2024-4633 Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.2.1- Authenticated (Author+) Stored Cross-Site Scripting — Depicter — Popup & Slider BuilderCWE-79 6.4 Medium2024-12-06
CVE-2024-47359 WordPress Depicter plugin <= 3.2.2 - Broken Access Control vulnerability — Depicter SliderCWE-352 5.3 Medium2024-11-01
CVE-2024-47381 WordPress Slider & Popup Builder by Depicter plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability — Depicter SliderCWE-79 5.9 Medium2024-10-05
CVE-2024-8486 Shortcodes and extra features for Phlox theme <= 2.16.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading and Icon Picker Widgets — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-10-05
CVE-2024-1384 Premium Portfolio Features for Phlox theme <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Premium Portfolio Features for Phlox themeCWE-79 6.4 Medium2024-08-29
CVE-2024-6339 Phlox PRO <= 5.16.4 - Reflected Cross-Site Scripting via Search Parameters — Phlox PROCWE-79 6.1 Medium2024-08-21
CVE-2024-4389 Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.1.1 - Authenticated (Contributor+) Arbitrary File Upload — Depicter — Popup & Slider BuilderCWE-434 8.8 High2024-08-14
CVE-2024-43161 WordPress Slider & Popup Builder by Depicter plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability — Depicter SliderCWE-79 5.9 Medium2024-08-12
CVE-2024-37414 WordPress Depicter Slider plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability — Depicter SliderCWE-79 5.9 Medium2024-07-22

This page lists every published CVE security advisory associated with Averta. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.