2 matches found
CVE-2020-36747
The Lightweight Sidebar Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.4. This is due to missing or incorrect nonce validation on the metaboxsave function. This makes it possible for unauthenticated attackers to save metbox data via ...
CVE-2020-36747
CVE-2020-36747 : The Lightweight Sidebar Manager WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation in the metabox_save() function, affecting versions up to 1.1.4. An unauthenticated attacker could craft a request that, if a site admin visits it...