WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2023-28497
8.8HIGH
What is CVE-2023-28497?
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Tribulant Slideshow Gallery LITE plugin for WordPress. This issue affects versions up to and including 1.7.6, allowing attackers to execute unauthorized commands on behalf of authenticated users. Through this vulnerability, an attacker can potentially manipulate settings or perform actions within the application without the user's consent, risking data integrity and security.
Affected Version(s)
Slideshow Gallery LITE <= 1.7.6