WordPress plugin “Carousel Slider” provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site.
[
{
"vendor": "Sayful Islam",
"product": "Carousel Slider",
"versions": [
{
"version": "prior to 2.0",
"status": "affected"
}
]
}
]