Master slider
This hub aggregates every CVE we track for Master slider, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
21
CVEs tracked
0
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM16HIGH4LOW1
Monthly trend
1
0
0
0
0
0
0
1
2
0
1
1
0
0
1
0
0
0
0
0
0
0
1
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Master slider.
- CVE-2026-48968WordPress Master Slider plugin <= 3.10.8 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2025-58025WordPress Master Slider Plugin <= 3.11.0 - Cross Site Scripting (XSS) Vulnerability6.5
- CVE-2025-5291Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes6.4
- CVE-2025-39412WordPress Master Slider plugin <= 3.11.0 - Broken Access Control vulnerability4.3
- CVE-2024-11731Master Slider – Responsive Touch Slider <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_slider Shortcode6.4
- CVE-2024-13757Master Slider – Responsive Touch Slider <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode6.4
- CVE-2024-12173Master Slider < 3.10.5 - Editor+ Stored XSS3.5
- CVE-2024-6490Master Slider – Responsive Touch Slider <= 3.9.10 - CSRF to slider deletion6.5
- CVE-2024-37222WordPress Master Slider plugin <= 3.10.0 - Reflected Cross Site Scripting (XSS) vulnerability7.1
- CVE-2023-50900WordPress Master Slider plugin <= 3.9.10 - Cross Site Request Forgery (CSRF) vulnerability4.3
- CVE-2024-4375Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode6.4
- CVE-2023-6382Master Slider - Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-4470Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2024-32600WordPress Master Slider plugin <= 3.9.5 - PHP Object Injection vulnerability8.3
- CVE-2024-32580WordPress Master Slider plugin <= 3.9.8 - Cross Site Scripting (XSS) vulnerability6.5
Product normalization is registry-driven with AI assist and human review. How it works