Lucene search
WpvulndbWPVDB-ID:E08BC69C-B032-4EEE-A878-E20DE5943651HistoryNov 17, 2023 - 12:00 a.m.
Thumbnail Slider With Lightbox < 1.0.1 - Arbitrary File Upload via CSRF
2023-11-1700:00:00
wpscan.com
6
plugin
csrf check
addedit feature
arbitrary files
logged in admins
security
Description The plugin does not have CSRF check in the addedit feature, which could allow attackers to make logged in admins upload arbitrary files via a CSRF attack
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 1.0.1 |
Related
nvd
nvd
CVE-2023-5820
2023-10-27 12:15:08
cve
cve
CVE-2023-5820
2023-10-27 12:15:08
prion
prion
Cross site request forgery (csrf)
2023-10-27 12:15:00
cvelist
cvelist
CVE-2023-5820
2023-10-27 11:28:45
wordfence
wordfence
6.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.9%
Related for WPVDB-ID:E08BC69C-B032-4EEE-A878-E20DE5943651