Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

averta — Vulnerabilities & Security Advisories 55

Browse all 55 CVE security advisories affecting averta. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Averta provides enterprise-grade security solutions focused on protecting critical infrastructure and industrial control systems from cyber threats. With fifty-five Common Vulnerabilities and Exposures (CVEs) currently documented, the company’s software has historically been susceptible to remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from insufficient input validation and weak authentication mechanisms within its management interfaces. While specific major public incidents remain limited in widespread media coverage, the high volume of disclosed CVEs indicates persistent challenges in secure coding practices across various product versions. Security researchers frequently highlight the potential for unauthorized access to sensitive operational data, emphasizing the need for rigorous patch management. The profile suggests a pattern of recurring architectural weaknesses rather than isolated implementation errors, requiring continuous vigilance from system administrators to mitigate risks associated with these known exploits.

Top products by averta: Shortcodes and extra features for Phlox theme Master Slider – Responsive Touch Slider Depicter — Popup & Slider Builder Depicter Slider Master Slider Premium Portfolio Features for Phlox theme Master Slider Pro Phlox Shop Phlox Portfolio Phlox PRO Phlox
CVE IDTitleCVSSSeverityPublished
CVE-2024-37222 WordPress Master Slider plugin <= 3.10.0 - Reflected Cross Site Scripting (XSS) vulnerability — Master Slider 7.1 High2024-06-20
CVE-2024-4390 Depicter <= 3.0.2 - Authenticated (Contributor+) Arbitrary Nonce Generation — Depicter — Popup & Slider BuilderCWE-863 6.5 Medium2024-06-20
CVE-2023-50900 WordPress Master Slider plugin <= 3.9.10 - Cross Site Request Forgery (CSRF) vulnerability — Master SliderCWE-352 4.3 Medium2024-06-19
CVE-2024-4375 Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-06-18
CVE-2023-6382 Master Slider - Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-06-01
CVE-2024-4470 Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-05-21
CVE-2023-39163 WordPress Phlox Shop plugin <= 2.0.0 - Unauthenticated Local File Inclusion vulnerability — Phlox ShopCWE-22 8.6 High2024-05-17
CVE-2023-38399 WordPress Phlox Portfolio plugin <= 2.3.1 - Unauthenticated Local File Inclusion vulnerability — Phlox PortfolioCWE-22 8.6 High2024-05-17
CVE-2023-7064 Shortcodes and extra features for Phlox theme <= 2.17.5 - Authenticated (Subscriber+) PHP Object Injection via auxin_template_control_importer — Shortcodes and extra features for Phlox themeCWE-502 7.5 High2024-05-02
CVE-2024-3517 Shortcodes and extra features for Phlox theme <= 2.15.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Accordion Widget — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1533 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1396 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title_tag' — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-3341 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_gmaps' Shortcode — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-1348 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-05-02
CVE-2024-32600 WordPress Master Slider plugin <= 3.9.5 - PHP Object Injection vulnerability — Master SliderCWE-502 8.3 High2024-04-18
CVE-2024-32580 WordPress Master Slider plugin <= 3.9.8 - Cross Site Scripting (XSS) vulnerability — Master SliderCWE-79 6.5 Medium2024-04-18
CVE-2024-1357 Shortcodes and extra features for Phlox theme <= 2.15.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aux_timeline' Shortcode — Shortcodes and extra features for Phlox themeCWE-79 6.4 Medium2024-04-16
CVE-2024-31099 WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability — Shortcodes and extra features for Phlox themeCWE-862 6.4 Medium2024-04-01
CVE-2023-51491 WordPress Depicter Slider plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerability — Depicter SliderCWE-352 5.4 Medium2024-03-16
CVE-2024-1449 Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting — Master Slider – Responsive Touch SliderCWE-79 6.4 Medium2024-03-02
CVE-2024-0611 Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated(Editor+) Stored Cross-Site Scripting via slider callback — Master Slider – Responsive Touch SliderCWE-79 4.4 Medium2024-03-02
CVE-2023-6326 Master Slider - Responsive Touch Slider <= 3.9.10 - Cross-Site Request Forgery via process_bulk_action — Master Slider – Responsive Touch SliderCWE-352 5.4 Medium2024-03-02
CVE-2023-6493 Depicter Slider – Responsive Image Slider, Video Slider & Post Slider <= 2.0.6 - Cross-Site Request Forgery via save — Depicter — Popup & Slider BuilderCWE-352 4.3 Medium2024-01-05
CVE-2023-50368 WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.2 is vulnerable to Cross Site Scripting (XSS) — Shortcodes and extra features for Phlox themeCWE-79 6.5 Medium2023-12-14
CVE-2023-47508 WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to Cross Site Scripting (XSS) — Master Slider ProCWE-79 7.1 High2023-11-16

This page lists every published CVE security advisory associated with averta. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.