CVE-2015-2089
CVE-2015-2089 concerns the CrossSlide jQuery plugin for WordPress (version 2.0.5 and earlier). The vulnerability arises from CSRF flaws in the plugin’s admin flow: parameters such as csj_width, csj_height, csj_sleep, csj_fade, and upload_image pass through the thisismyurl_csj.php page to wp-admin...