Lucene search

K
patchstackAbdi PranataPATCHSTACK:062EDBF52C2E905FD1358690AA46C63E
HistoryDec 27, 2023 - 12:00 a.m.

WordPress Depicter Slider Plugin <= 2.0.6 is vulnerable to Cross Site Request Forgery (CSRF)

2023-12-2700:00:00
Abdi Pranata
patchstack.com
2
wordpress depicter slider
plugin
vulnerable
csrf
fixed
owasp
cve
patch priority
cvss severity
developer
unauthenticated
published

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

AI Score

6.6

Confidence

Low

Software

Depicter Slider

Type

Plugin

Vulnerable versions

<= 2.0.6

Fixed in

2.0.7

OWASP Top 10

A1: Broken Access Control

Classification

Cross Site Request Forgery (CSRF)

CVE

CVE-2023-51491

Patch priority

Low

CVSS severity

Low (5.4)

Developer

Claim ownership

PSID

121cc482ad3d

Credits

Abdi Pranata Abdi Pranata

Required privilege

Unauthenticated

Published

27 December, 2023

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

This security issue has a low severity impact and is unlikely to be exploited.

Affected configurations

Vulners
Node
depicter_slider_and_popup_by_avertadepicter_sliderRange2.0.6
VendorProductVersionCPE
depicter_slider_and_popup_by_avertadepicter_slider*cpe:2.3:a:depicter_slider_and_popup_by_averta:depicter_slider:*:*:*:*:*:*:*:*

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

AI Score

6.6

Confidence

Low

Related for PATCHSTACK:062EDBF52C2E905FD1358690AA46C63E