What the vulnerability does
01Description
Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5.
CVE-2024-32600
HIGH
CVE-2024-32600: WordPress Master Slider plugin <= 3.9.5 - PHP Object Injection vulnerability
CVSS base score
8.3/10
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Key dates
02Disclosure timeline
April 18, 2024
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-32336 IBM InfoSphere Information Server code execution
CVE-2023-36777 Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2024-1225 QiboSoft QiboCMS X1 Pay.php rmb_pay deserialization
CVE-2024-1859 Slider Responsive Slideshow – Image slider, Gallery slideshow <= 1.3.8 - Authenticated (Contributor+) PHP Object Injection
CVE-2021-21956
