Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Averta — Vulnerabilities & Security Advisories 55

Browse all 55 CVE security advisories affecting Averta. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Averta provides enterprise-grade security solutions focused on protecting critical infrastructure and industrial control systems from cyber threats. With fifty-five Common Vulnerabilities and Exposures (CVEs) currently documented, the company’s software has historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from insufficient input validation and weak authentication mechanisms within its management interfaces. While specific major public incidents remain limited in widespread media coverage, the high volume of disclosed CVEs indicates persistent challenges in secure coding practices across various product versions. Security researchers frequently highlight the potential for unauthorized access to sensitive operational data, emphasizing the need for rigorous patch management. The profile suggests a pattern of recurring architectural weaknesses rather than isolated implementation errors, requiring continuous vigilance from system administrators to mitigate risks associated with these known exploits.

Found 17 results / 55Clear Filters
Top products by Averta: Shortcodes and extra features for Phlox theme Master Slider – Responsive Touch Slider Depicter — Popup & Slider Builder Depicter Slider Master Slider Premium Portfolio Features for Phlox theme Master Slider Pro Phlox Shop Phlox Portfolio Phlox PRO Phlox
CVE IDTitleCVSSSeverityPublished
CVE-2025-12379 Shortcodes and extra features for Phlox theme <= 2.17.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading Widget — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2026-01-10
CVE-2025-13215 Shortcodes and extra features for Phlox theme <= 2.17.13 - Unauthenticated Draft Posts Information Exposure — Shortcodes and extra features for Phlox themeCWE-200 5.3 Medium2026-01-06
CVE-2025-69016 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Broken Access Control vulnerability — Shortcodes and extra features for Phlox themeCWE-862 4.3 Medium2025-12-30
CVE-2025-63071 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Sensitive Data Exposure vulnerability — Shortcodes and extra features for Phlox themeCWE-201 5.3 Medium2025-12-09
CVE-2024-50500 WordPress Phlox Core Elements plugin <= 2.17.4 - Broken Access Control vulnerability — Shortcodes and extra features for Phlox themeCWE-862 4.3 Medium2025-02-03
CVE-2024-12588 Shortcodes and extra features for Phlox theme <= 2.17.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Staff Widget — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-12-21
CVE-2024-9545 Shortcodes and extra features for Phlox theme <= 2.17.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via aux_contact_box and aux_gmaps Shortcodes — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-12-21
CVE-2024-8486 Shortcodes and extra features for Phlox theme <= 2.16.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Modern Heading and Icon Picker Widgets — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-10-05
CVE-2023-7064 Shortcodes and extra features for Phlox theme <= 2.17.5 - Authenticated (Subscriber+) PHP Object Injection via auxin_template_control_importer — Shortcodes and extra features for Phlox themeCWE-502 7.5 High2024-05-02
CVE-2024-3517 Shortcodes and extra features for Phlox theme <= 2.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Widget — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1533 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1396 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-3341 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1348 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1357 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-04-16
CVE-2024-31099 WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability — Shortcodes and extra features for Phlox themeCWE-862 6.4 Medium2024-04-01
CVE-2023-50368 WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.2 is vulnerable to Cross Site Scripting (XSS) — Shortcodes and extra features for Phlox themeCWE-79 6.5 Medium2023-12-14

This page lists every published CVE security advisory associated with Averta. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.