CVE-2024-6490
Master Slider – Responsive Touch Slider <= 3.9.10 - CSRF to slider deletion
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
26 Jul 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
During testing of the Master Slider WordPress plugin through 3.9.10, a CSRF vulnerability was found, which allows an unauthorized user to manipulate requests on behalf of the victim and thereby delete all of the sliders inside Master Slider WordPress plugin through 3.9.10.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected products
Unknown · Master Slider