Medium 6.5 Unfixed
2025-09-22≤ 3.11.0
CVE-2025-58025
Master Slider – Responsive Touch Slider
Minimum safe version
3.11.2
Update to 3.11.2 or later to address 22 fixable vulnerabilities
Latest available3.11.2 ✓⚠ 2 vulnerabilities have no fix
Medium 6.4
2025-06-17< 3.10.9
Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes
Medium 4.3
2025-05-19< 3.11.2
WordPress Master Slider plugin <= 3.11.0 - Broken Access Control vulnerability
Medium 6.4 Unfixed
2025-03-05≤ 3.10.6
Master Slider – Responsive Touch Slider <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode
Medium 6.4
2025-03-05< 3.10.8
Master Slider – Responsive Touch Slider <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_slider Shortcode
Low 3.5
2025-02-19< 3.10.5
CVE-2024-12173
Medium 6.5
2024-07-26< 3.10.0
CVE-2024-6490
Medium 6.1
2024-06-20< 3.10.5
CVE-2024-37222
Medium 4.3
2024-06-19< 3.10.0
CVE-2023-50900
Medium 5.4
2024-06-18< 3.10.0
CVE-2024-4375
Medium 5.4
2024-06-01< 3.9.10
CVE-2023-6382
Medium 5.4
2024-05-21< 3.9.10
CVE-2024-4470
Critical 9.6
2024-04-18< 3.9.7
CVE-2024-32600
Medium 5.4
2024-04-18< 3.9.9
CVE-2024-32580
Medium 4.3
2024-03-02< 3.10.0
CVE-2023-6326
Medium 5.4
2024-03-02< 3.10.0
CVE-2024-1449
Medium 4.8
2024-03-02< 3.9.10
CVE-2024-0611
N/A
< 2.5.2
Master Slider < 2.5.2 - Authenticated Blind SQL Injection
N/A
< 2.8.0
Master Slider < 2.8.0 - Reflected Cross-Site Scripting (XSS)
N/A
2015-08-20< 2.5.2
Master Slider - Responsive Touch Slider <= 2.5.1 - Authenticated Blind SQL Injection
N/A
2016-07-16< 2.8.0
Master Slider <= 2.7.1 - Cross-Site Scripting
N/A
2015-08-20< 2.5.2
WordPress Master Slider Plugin <= 2.5.1 - Blind SQL Injection
N/A
2016-07-13< 2.8.0
WordPress Master Slider Plugin <= 2.7.1 - Reflected Cross Site Scripting
Medium 5.4
2021-04-10< 3.7.5
WordPress Master Slider plugin <= 3.7.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability