WordPress Plugin Vulnerabilities

Nelio Ab Testing < 4.6.4 - CSRF

Description

The Nelio AB Testing WordPress plugin was affected by a CSRF security vulnerability.

Affects Plugins

Plugin icon
nelio-ab-testing
Fixed in 4.6.4

References

CVE
CVE-2017-18547

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
8.8 (high)

Miscellaneous

Verified
No
WPVDB ID
dd2cbd79-4962-4f12-ba9c-9d9c06cf02b1

Timeline

Publicly Published
2017-05-11 (about 8 years ago)
Added
2019-08-24 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2023-10-12
Title
Contact Form With Captcha <= 1.6.8 - Cross-Site Request Forgery
Published
2020-09-16
Title
Cool Timeline < 2.0.3 - Cross-Site Request Forgery
Published
2024-05-06
Title
WP Favorite Posts <= 1.6.8 - Cross-Site Request Forgery
Published
2025-10-23
Title
FanBridge signup <= 0.6 - Cross-Site Request Forgery
Published
2023-09-09
Title
ProfilePress < 4.13.2 Cross-Site Request Forgery via 'admin_notice'