CSRF Vulnerability in Custom Sidebars Plugin for WordPress
CVE-2017-18510

8.8HIGH

Key Information:

Vendor

Wordpress
Status
Custom Sidebars
Vendor
CVE Published:
14 August 2019

What is CVE-2017-18510?

The Custom Sidebars plugin for WordPress prior to version 3.1.0 is susceptible to a Cross-Site Request Forgery (CSRF) issue. This vulnerability enables attackers to exploit actions such as setting location, importing, and exporting without proper user authentication, potentially allowing unauthorized modifications. Website administrators using affected versions are advised to upgrade to the latest version to mitigate this risk.

References

https://wordpress.org/plugins/custom-sidebars/#developers
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.