Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Averta — Vulnerabilities & Security Advisories 56

Browse all 56 CVE security advisories affecting Averta. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Averta:Shortcodes and extra features for Phlox themeMaster Slider – Responsive Touch SliderDepicter — Popup & Slider BuilderDepicter SliderMaster SliderPremium Portfolio Features for Phlox themeMaster Slider ProPhlox ShopPhlox PortfolioPhlox PROPhlox
CVE IDTitleCVSSSeverityPaused
CVE-2024-3587 Premium Portfolio Features for Phlox theme <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ' Grid Portfolios' — Premium Portfolio Features for Phlox themeCWE-79 6.4 Medium2024-07-16
CVE-2024-37222 WordPress Master Slider plugin <= 3.10.0 - Reflected Cross Site Scripting (XSS) vulnerability — Master Slider 7.1 High2024-06-20
CVE-2024-4390 Depicter <= 3.0.2 - Authenticated (Contributor+) Arbitrary Nonce Generation — Depicter — Popup & Slider BuilderCWE-863 6.5 Medium2024-06-20
CVE-2023-50900 WordPress Master Slider plugin <= 3.9.10 - Cross Site Request Forgery (CSRF) vulnerability — Master SliderCWE-352 4.3 Medium2024-06-19
CVE-2024-4375 Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-06-18
CVE-2023-6382 Master Slider - Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-06-01
CVE-2024-4470 Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-05-21
CVE-2023-39163 WordPress Phlox Shop plugin <= 2.0.0 - Unauthenticated Local File Inclusion vulnerability — Phlox ShopCWE-22 8.6 High2024-05-17
CVE-2023-38399 WordPress Phlox Portfolio plugin <= 2.3.1 - Unauthenticated Local File Inclusion vulnerability — Phlox PortfolioCWE-22 8.6 High2024-05-17
CVE-2023-7064 Shortcodes and extra features for Phlox theme <= 2.17.5 - Authenticated (Subscriber+) PHP Object Injection via auxin_template_control_importer — Shortcodes and extra features for Phlox themeCWE-502 7.5 High2024-05-02
CVE-2024-3517 Shortcodes and extra features for Phlox theme <= 2.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Widget — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1533 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1396 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-3341 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1348 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-32600 WordPress Master Slider plugin <= 3.9.5 - PHP Object Injection vulnerability — Master SliderCWE-502 8.3 High2024-04-18
CVE-2024-32580 WordPress Master Slider plugin <= 3.9.8 - Cross Site Scripting (XSS) vulnerability — Master SliderCWE-79 6.5 Medium2024-04-18
CVE-2024-1357 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-04-16
CVE-2024-31099 WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability — Shortcodes and extra features for Phlox themeCWE-862 6.4 Medium2024-04-01
CVE-2023-51491 WordPress Depicter Slider plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerability — Depicter SliderCWE-352 5.4 Medium2024-03-16
CVE-2024-1449 Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-03-02
CVE-2024-0611 Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated(Editor+) Stored Cross-Site Scripting via slider callback — Master Slider – Responsive Touch SliderCWE-79 4.4 Medium2024-03-02
CVE-2023-6326 Master Slider - Responsive Touch Slider <= 3.9.10 - Cross-Site Request Forgery via process_bulk_action — Master Slider – Responsive Touch SliderCWE-352 5.4 Medium2024-03-02
CVE-2023-6493 Depicter Slider – Responsive Image Slider, Video Slider & Post Slider <= 2.0.6 - Cross-Site Request Forgery via save — Depicter — Popup & Slider BuilderCWE-352 4.3 Medium2024-01-05
CVE-2023-50368 WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.2 is vulnerable to Cross Site Scripting (XSS) — Shortcodes and extra features for Phlox themeCWE-79 6.5 Medium2023-12-14
CVE-2023-47508 WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to Cross Site Scripting (XSS) — Master Slider ProCWE-79 7.1 High2023-11-16

This page lists every published CVE security advisory associated with Averta. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.