CSRF Vulnerability Affects GS Plugins Logo Slider Products
CVE-2023-51530

8.8HIGH

Key Information:

Vendor: WordPress
Status: Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery And Client Logo Presentation
Vendor: CVE Published:; 29 February 2024

Summary

A cross-site request forgery (CSRF) vulnerability in GS Plugins Logo Slider affects multiple products, including the Logo Showcase, Logo Carousel, Logo Gallery, and Client Logo Presentation. This vulnerability allows attackers to forge unauthorized requests without user consent, potentially compromising the security of the application. Users with versions from n/a up to 3.5.1 are advised to monitor their installations and apply necessary updates to prevent exploitation.

Affected Version(s)

Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation <= 3.5.1

References

https://patchstack.com/database/vulnerability/gs-logo-sli...

vdb-entry

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 29, 2024
Vulnerability Reserved
Dec 20, 2023

Credit

Brandon Roldan (Patchstack Alliance)