The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.
References
Link | Resource |
---|---|
https://klikki.fi/adv/fluid_responsive_slideshow.html | Exploit Third Party Advisory |
https://wordpress.org/plugins/fluid-responsive-slideshow/#developers | Product |
https://klikki.fi/adv/fluid_responsive_slideshow.html | Exploit Third Party Advisory |
https://wordpress.org/plugins/fluid-responsive-slideshow/#developers | Product |
Configurations
History
21 Nov 2024, 02:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://klikki.fi/adv/fluid_responsive_slideshow.html - Exploit, Third Party Advisory | |
References | () https://wordpress.org/plugins/fluid-responsive-slideshow/#developers - Product |
Information
Published : 2019-09-17 15:15
Updated : 2024-11-21 02:45
NVD link : CVE-2016-10974
Mitre link : CVE-2016-10974
CVE.ORG link : CVE-2016-10974
JSON object : View
Products Affected
tonjoostudio
- fluid-responsive-slideshow
CWE
CWE-352
Cross-Site Request Forgery (CSRF)