4 matches found
CVE-2023-5820
creationtimestamp| type| source ---|---|--- 2023-10-27 16:17:09+00:00| seen| https://t.me/cibsecurity/73054...
CVE-2023-5820
The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the addedit functionality. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged reques...
CVE-2023-5820
The CVE-2023-5820 entry concerns the WordPress plugin Thumbnail Slider With Lightbox (version 1.0 and earlier). It describes a Cross-Site Request Forgery flaw caused by missing or incorrect nonce validation on the addedit action, enabling unauthenticated attackers to trick an admin into uploading...
WordPress Thumbnail Slider With Lightbox Plugin <= 1.0 is vulnerable to Arbitrary File Upload
Software Thumbnail Slider With Lightbox Type Plugin Vulnerable versions = 1.0 Fixed in 1.0.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-5820 Patch priority Low CVSS severity Low 10 Developer Claim ownership PSID 5ea4464f8b32 Credits Ala Arfaoui Required privilege...