ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Huge IT Slider Plugin 2.7.5 - Multiple Vulnerabilities

Product
Huge IT Slider
Description
There are multiple vulnerabilities in this plugin, such as cross-site request forgery and Persistent JS/HTML Injection. These vulnerabilities allow an attacker to make a user with access privileges to a page and inject JavaScript into the database.
Solution
Upgrade the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 2.7.5
Fixed In 2.7.6
Disclosure date
2015-06-24
Credits
i0akiN SEC-LABORATORY