To plugin page

Fixed

WordPress Yoo Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Slider Creation / Modification

4.3

CVSS 3.1 score Medium severity

Monitoring Coming soon

Find out about vulnerable plugins in your websites for free.

Scan your website

Software

Yoo Slider

Type

Plugin

Vulnerable versions

<= 2.0.0

Fixed in

2.1.0

PSID

a4b7e5aa4b50

CVE ID

CVE-2022-27846

Classification

Cross Site Request Forgery (CSRF)

OWASP Top 10

A5: Broken Access Control

Required privilege

Credits

Ex.Mi (Patchstack)

Publicly disclosed

2022-04-11

Details

Cross-Site Request Forgery (CSRF) vulnerability leading to Slider Creation / Modification discovered by Ex.Mi (Patchstack) in WordPress Yoo Slider plugin (versions <= 2.0.0).

Solution

Update the WordPress Yoo Slider plugin to the latest available version (at least 2.1.0).

References

CVE-2022-27846 Plugin changelog

WordPress Yoo Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Slider Creation / Modification

Details

Solution

References

Other known vulnerabilities for Yoo Slider

Submit vulnerabilities and become a verified Alliance member

All solutions

WordPress security

Patchstack

Social

All solutions

WordPress Security

Patchstack

Social

© 2022 Patchstack

WordPress Yoo Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Slider Creation / Modification

Details

Solution

References

Other known vulnerabilities for Yoo Slider

Submit vulnerabilities and become a verified Alliance member

All solutions

WordPress security

Patchstack

Social

All solutions

WordPress Security

Patchstack

Social

© 2022 Patchstack

Let us know if we have missed a vulnerability reported elsewhere

Thank you for contributing!