RSS   Vulnerabilities for 'Logo slider and showcase'   RSS

2021-11-01
 
CVE-2021-24742

CWE-863
 

 
The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead of a capability check.

 


Copyright 2024, cxsecurity.com

 

Back to Top