Vulnerabilities (CVE)

Filtered by vendor Depicter Subscribe
Filtered by product Depicter
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-4390 1 Depicter 1 Depicter 2024-11-21 N/A 6.5 MEDIUM
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any WordPress action/function. This could be used to invoke functionality that is protected only by nonce checks.
CVE-2024-37414 1 Depicter 1 Depicter 2024-11-21 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.0.2.
CVE-2024-47359 1 Depicter 1 Depicter 2024-11-12 N/A 9.8 CRITICAL
Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Depicter Slider: from n/a through 3.2.2.