EUVD-2013-2647

Malware in sbrugna...

WordPress Content Slide plugin cross-site request forgery vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . Content Slide is one of the plugin used to create a fully customizable jquery Fading image slideshow . A...

WordPress Content Slide Plugin HTML Injection Vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . Content Slide is one of the plugin used to create a fully customizable jquery Fading image slideshow . An HTML...

WordPress Content Slide 1.4.2 CSRF / Cross Site Scripting

Details ================ Software: Wordpress Content Slide Version: 1.4.2 Homepage: http://wordpress.org/plugins/content-slide/ Advisory report: https://security.dxw.com/advisories/csrf-and-stored-xss-in-wordpress-content-slide-allow-an-attacker-to-have-full-admin-privileges/ CVE: Awaiting...

Content Slide <= 1.4.2 - CSRF & Stored XSS

The content-slide WordPress plugin was affected by a CSRF & Stored XSS security vulnerability...

Content Slide <= 1.4.2 - Cross Site Request Forgery

The content-slide WordPress plugin was affected by a Cross Site Request Forgery security vulnerability...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Content Slide plugin 1.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors...

CVE-2013-2708

Cross-site request forgery CSRF vulnerability in the Content Slide plugin 1.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors...

CVE-2013-2708

The CVE-2013-2708 entry concerns the Content Slide WordPress plugin (v1.4.2). A CSRF vulnerability could allow remote attackers to hijack administrator authentication to perform unauthorized changes to plugin settings via unspecified vectors. Documented impact is the ability to trigger changes wi...

WordPress Content Slide插件跨站请求伪造漏洞

CVE-2013-2708 Content Slide是WordPress软件基金会的一款插件。可在WordPress网站的任何地方创建完全自定义的jquery Fading图像幻灯片。 WordPress的Content Slide插件中存在跨站请求伪造漏洞。远程攻击者可利用该漏洞在受影响应用程序上下文中执行某些未授权操作，也可能存在其他形式的攻击。Content Slide 1.4.2版本中存在漏洞，其他版本也可能受到影响。 0 WordPress Content Slide 目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://wordpress.org/...