Lucene search
China National Vulnerability DatabaseCNVD-2022-18851HistoryMar 02, 2022 - 12:00 a.m.
WordPress Slick Slider plugin cross-site request forgery vulnerability
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
wordpress
slick slider
plugin
csrf
vulnerability
php
mysql
cross-site request forgery
EPSS
0.001
Percentile
30.0%
WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. cross-site request forgery vulnerability exists in versions of the WordPress Slick Slider plugin prior to 2.0.1, which stems from the plugin’s failure to perform CSRF checks. An attacker could exploit the vulnerability to make a login in a highly privileged user, change the title, description, alt text, and URL of arbitrary upload media.
Related
wpvulndb
wpvulndb
cve
cve
CVE-2021-24913
2022-02-28 09:15:08
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2022-02-28 09:15:00
patchstack
patchstack
nvd
nvd
CVE-2021-24913
2022-02-28 09:15:08
wpexploit
wpexploit