cleantalk
Vulnerabilities and Security Researches

Master Slider – Responsive Touch Slider, CVE-2024-12173

CVE, Research URL

CVE-2024-12173

Home page URL

Security reports for Master Slider – Responsive Touch Slider

Application

Master Slider – Responsive Touch Slider

Published on
Feb 19, 2025
Research Description
The Master Slider WordPress plugin before 3.10.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Affected versions
Min -, max 3.10.5.
Status
vulnerable
Previous vulnerability researches
Master Slider – Responsive Touch Slider (CVE-2024-37222) , Jun 21, 2024
Master Slider – Responsive Touch Slider (CVE-2024-6490) , Jul 28, 2024
Master Slider – Responsive Touch Slider (CVE-2025-39412) , Apr 29, 2025
Master Slider – Responsive Touch Slider (CVE-2023-50900) , Jul 22, 2024
Master Slider – Responsive Touch Slider (CVE-2024-12173) , Feb 21, 2025
New vulnerability
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2025-2893) , Apr 30, 2025
My Tickets (CVE-2025-3761) , Apr 29, 2025
Mang Board WP (CVE-2025-3435) , Apr 29, 2025
Church Admin (CVE-2025-39553) , Apr 29, 2025
Ocean Extra (CVE-2025-3457) , Apr 29, 2025