Lucene search
China National Vulnerability DatabaseCNVD-2022-18851HistoryMar 02, 2022 - 12:00 a.m.
WordPress Slick Slider plugin cross-site request forgery vulnerability
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
30.1%
WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. cross-site request forgery vulnerability exists in versions of the WordPress Slick Slider plugin prior to 2.0.1, which stems from the plugin’s failure to perform CSRF checks. An attacker could exploit the vulnerability to make a login in a highly privileged user, change the title, description, alt text, and URL of arbitrary upload media.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress slick slider plugin | lt | 2.0.1 |
Related
wpvulndb
wpvulndb
cve
cve
CVE-2021-24913
2022-02-28 09:15:08
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-02-28 09:15:00
nvd
nvd
CVE-2021-24913
2022-02-28 09:15:08
wpexploit
wpexploit
cvelist
cvelist