Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:gslideshow_project:gslideshow:0.1:*:*:*:*:wordpress:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-9391 |
Multiple cross-site request forgery (CSRF) vulnerabilities in the gSlideShow plugin 0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) rss, (2) display_time or (3) transistion_time parameter in the gslideshow.php page to wp-admin/options-general.php. Published: December 31, 2014; 4:59:05 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |