National Cyber Warfare Foundation (NCWF)

CVE-2023-5531 (thumbnail_slider_with_lightbox)
0 user ratings		2023-10-17 16:12:27
milo
CVEs
 - archive -- 
The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image lightboxes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE-2023-5531 (thumbnail_slider_with_lightbox)
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5531
The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image lightboxes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
2023-10-12T06:15:14Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5531

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.