CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47359 – WordPress Depicter plugin <= 3.2.2 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2024-47359
30 Sep 2024 — Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Depicter Slider: from n/a through 3.2.2. The Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.2.2. Thi... • https://patchstack.com/database/vulnerability/depicter/wordpress-depicter-plugin-3-2-2-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47381 – WordPress Slider & Popup Builder by Depicter plugin <= 3.2.2 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-47381
30 Sep 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.2.2. The Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 3.2.2 due to insufficient input sanitizati... • https://patchstack.com/database/vulnerability/depicter/wordpress-slider-popup-builder-by-depicter-add-image-slider-carousel-slider-exit-intent-popup-popup-modal-coupon-popup-post-slider-carousel-plugin-3-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43161 – WordPress Slider & Popup Builder by Depicter plugin <= 3.1.2 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-43161
07 Aug 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.1.2. The Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 3.1.2 due to insufficient input sanitizati... • https://patchstack.com/database/vulnerability/depicter/wordpress-slider-popup-builder-by-depicter-plugin-3-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37414 – WordPress Depicter Slider plugin <= 3.0.2 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-37414
28 Jun 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.0.2. Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en Depicter Slider y Popup por Averta Depicter Slider permite XSS almacenado. Este problema afecta a Depicter Slider: desde n/a hasta 3.0.2. The Sl... • https://patchstack.com/database/vulnerability/depicter/wordpress-depicter-slider-plugin-3-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51491 – WordPress Depicter Slider plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2023-51491
16 Mar 2024 — Cross-Site Request Forgery (CSRF) vulnerability in Averta Depicter Slider.This issue affects Depicter Slider: from n/a through 2.0.6. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Averta Depicter Slider. Este problema afecta a Depicter Slider: desde n/a hasta 2.0.6. • https://patchstack.com/database/vulnerability/depicter/wordpress-depicter-slider-plugin-2-0-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47176 – WordPress Depicter Slider plugin <= 1.9.0 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2022-47176
28 Apr 2023 — Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Depicter Slider: from n/a through 1.9.0. The Depicter Slider plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on multiple functions in versions up to, and including, 1.9.0. This makes it possible for authenticated attackers, with contributor-level access and above, to create, publish, a... • https://patchstack.com/database/wordpress/plugin/depicter/vulnerability/wordpress-depicter-slider-plugin-1-7-3-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •