Lucene search

K
vulnrichmentWPScanVULNRICHMENT:CVE-2024-6490
HistoryJul 26, 2024 - 6:00 a.m.

CVE-2024-6490 Master Slider – Responsive Touch Slider <= 3.9.10 - CSRF to slider deletion

2024-07-2606:00:04
WPScan
github.com
3
cve-2024-6490
master slider
csrf
wordpress plugin

AI Score

7

Confidence

High

SSVC

Exploitation

poc

Automatable

no

Technical Impact

partial

During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user to manipulate requests on behalf of the victim and thereby delete all of the sliders inside Master Slider WordPress plugin through 3.9.10.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:averta:master_slider:*:*:*:*:*:wordpress:*:*"
    ],
    "vendor": "averta",
    "product": "master_slider",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "semver",
        "lessThanOrEqual": "3.9.10"
      }
    ],
    "defaultStatus": "affected"
  }
]

AI Score

7

Confidence

High

SSVC

Exploitation

poc

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2024-6490