WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. cross-site request forgery vulnerability exists in versions of the WordPress Slick Slider plugin prior to 2.0.1, which stems from the plugin’s failure to perform CSRF checks. An attacker could exploit the vulnerability to make a login in a highly privileged user, change the title, description, alt text, and URL of arbitrary upload media.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress slick slider plugin | lt | 2.0.1 |