Vulnerabilities > Averta > Master Slider > 3.9.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-18 | CVE-2024-4375 | Cross-site Scripting vulnerability in Averta Master Slider 3.2.7/3.5.1/3.9.10 The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ms_layer' shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'css_id' user supplied attribute. | 5.4 |
| 2024-03-02 | CVE-2023-6326 | Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.3. | 4.3 |