WP Easy Slideshow <= 1.0.3 – Multiple Cross-Site Request Forgery (CSRF)

Affects Plugins

wp-easy-slideshow

No known fix

References

Exploitdb

36612

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-352

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

ethicalhack3r

Verified

No

WPVDB ID

d312260d-f2c7-4d16-9050-34b0ef83468a

Timeline

Publicly Published

2015-04-02 (about 11 years ago)

Added

2015-04-07 (about 10 years ago)

Last Updated

2019-10-21 (about 6 years ago)

Other

Published

Title

Published

2021-07-05

Title

Abandoned Cart Recovery for WooCommerce < 1.0.4.1 - Cross-Site Request Forgery

Published

2023-03-29

Title

GMAce <= 1.5.2 - Arbitrary File Creation/Deletion/Update via CSRF

Published

2025-08-14

Title

WP-Database-Optimizer-Tools <= 0.2 - Cross-Site Request Forgery

Published

2024-06-20

Title

MasterStudy LMS < 3.2.2 - Cross-Site Request Forgery

Published

2024-04-25

Title

Financio < 1.1.4 - Cross-Site Request Forgery to Notice Dismissal