Vulnerability Details CVE-2018-20368
The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.4%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2018-20368
-
cpe:2.3:a:averta:master_slider:3.2.7
-
cpe:2.3:a:averta:master_slider:3.5.1