I
mproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in averta Master Slider Pro masterslider allows DOM-Based XSS.This issue affects Master Slider Pro: from n/a through <= 3.7.12.
References
Configurations
History
30 Jan 2026, 19:36
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:averta:master_slider_pro:*:*:*:*:*:wordpress:*:* | |
| First Time |
Averta
Averta master Slider Pro |
|
| References | () https://patchstack.com/database/Wordpress/Plugin/masterslider/vulnerability/wordpress-master-slider-pro-plugin-3-7-12-cross-site-scripting-xss-vulnerability?_s_id=cve - Third Party Advisory |
20 Jan 2026, 15:18
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
09 Dec 2025, 18:36
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-09 16:18
Updated : 2026-01-30 19:36
NVD link : CVE-2025-63045
Mitre link : CVE-2025-63045
CVE.ORG link : CVE-2025-63045
JSON object : View
Products Affected
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')