CVE-2015-9426

🗓️ 26 Sep 2019 01:10:15Reported by mitreType

The manual-image-crop plugin for WordPress 1.11 has CSRF and XSS

Reporter	Title	Published	Views	Family All 4
Prion	Cross site request forgery (csrf)	26 Sep 201901:15	–	prion
WPVulnDB	Manual Image Crop <= 1.10 - Authenticated Reflected Cross-Site Scripting (XSS)	24 Aug 201500:00	–	wpvulndb
Cvelist	CVE-2015-9426	26 Sep 201900:44	–	cvelist
NVD	CVE-2015-9426	26 Sep 201901:15	–	nvd

Nvd

Node

manual_image_crop_project manual_image_cropRange<1.11wordpress

Source	Link
cinu	www.cinu.pl/research/wp-plugins/mail_7c87194ce1dcf0642135d17a71ed91cd.html
wordpress	www.wordpress.org/plugins/manual-image-crop/
wpvulndb	www.wpvulndb.com/vulnerabilities/8297

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Sep 2019 01:15Current

4.7Medium risk

Vulners AI Score4.7

CVSS23.5

CVSS34.6

EPSS0.001

CWE-79