Lucene search
Morten NรธrtoftPATCHSTACK:CF37F51727AD473A31FE41013685C77AHistoryFeb 26, 2015 - 12:00 a.m.
WordPress CrossSlide jQuery Plugin <= 2.0.5 - Multiple CSRF
2015-02-2600:00:00
Morten Nรธrtoft
patchstack.com
10
EPSS
0.002
Percentile
52.5%
Because of these vulnerabilities, the attackers can hijack the authentication of administrators for requests that change plugin settings or conduct cross-site scripting (XSS) attacks via the several parameters (โcsj_fadeโ, โcsj_sleepโ, โcsj_widthโ, โupload_imageโ, โcsj_heightโ) in in the thisismyurl_csj.php page to wp-admin/options-general.php.
Solution
Upgrade the plugin.
Related
prion
prion
Cross site request forgery (csrf)
2015-02-26 15:59:00
cvelist
cvelist
CVE-2015-2089
2015-02-26 15:00:00
cve
cve
CVE-2015-2089
2015-02-26 15:59:03
nvd
nvd
CVE-2015-2089
2015-02-26 15:59:03
wpvulndb
wpvulndb
CrossSlide jQuery Plugin <= 2.0.5 - Stored XSS & CSRF
2015-02-09 00:00:00
kaspersky
kaspersky
KLA10491 Multiple vulnerabilities in WordPress plugins
2015-03-17 00:00:00