2 matches found
CVE-2025-7687
The CVE-2025-7687 entry concerns the WordPress plugin Latest Post Accordian Slider. A CSRF vulnerability exists in all versions up to 1.3 due to missing/incorrect nonce validation on the lpaccordian page. This enables unauthenticated attackers to update settings and inject malicious scripts throu...
WordPress Latest Post Accordian Slider plugin <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Latest Post Accordian Slider versions = 1.3...