Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-4390 | 1 Depicter | 1 Depicter | 2024-11-21 | N/A | 6.5 MEDIUM |
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any WordPress action/function. This could be used to invoke functionality that is protected only by nonce checks. | |||||
CVE-2024-37414 | 1 Depicter | 1 Depicter | 2024-11-21 | N/A | 5.9 MEDIUM |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.0.2. | |||||
CVE-2024-47359 | 1 Depicter | 1 Depicter | 2024-11-12 | N/A | 9.8 CRITICAL |
Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Depicter Slider: from n/a through 3.2.2. |