Lucene search

CVE-2024-4426

🗓️ 30 May 2024 09:10:15Reported by [email protected]Type

The WordPress Comparison Slider plugin (up to version 1.0.5) is vulnerable to Cross-Site Request Forgery, allowing unauthenticated attackers to modify slider titles, delete sliders, and change plugin settings via forged requests

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2024-4426 Comparison Slider <= 1.0.5 - Cross-Site Request Forgery	30 May 202408:30	–	cvelist
CVE	CVE-2024-4426	30 May 202409:15	–	cve
WPVulnDB	Comparison Slider <= 1.0.5 - Cross-Site Request Forgery	29 May 202400:00	–	wpvulndb
Patchstack	WordPress Comparison Slider Plugin <= 1.0.5 is vulnerable to Cross Site Request Forgery (CSRF)	30 May 202400:00	–	patchstack
Vulnrichment	CVE-2024-4426 Comparison Slider <= 1.0.5 - Cross-Site Request Forgery	30 May 202408:30	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 27, 2024 to June 2, 2024)	6 Jun 202415:09	–	wordfence

Nvd

Node

comparisonslider comparison_sliderRange≤1.0.5wordpress

Source	Link
wordpress	www.wordpress.org/plugins/comparison-slider/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/5a9b284a-2af9-4d20-9663-a40b9330da35

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 May 2024 09:15Current

4.7Medium risk

Vulners AI Score4.7

CVSS34.3

EPSS0.00054

CWE-352