Filtered by vendor Depicter Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-4390 1 Depicter 1 Depicter 2024-11-21 6.5 Medium
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any WordPress action/function. This could be used to invoke functionality that is protected only by nonce checks.
CVE-2024-37414 1 Depicter 1 Depicter 2024-11-21 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.0.2.
CVE-2024-47359 2 Averta, Depicter 2 Depicter Slider, Depicter 2024-11-12 5.3 Medium
Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Depicter Slider: from n/a through 3.2.2.