The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Arbitrary Nonce Generation in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with contributor access and above, to generate a valid nonce for any WordPress action/function. This could be used to invoke functionality that is protected only by nonce checks.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-06-20T03:37:22.655Z

Updated: 2024-08-01T20:40:47.063Z

Reserved: 2024-05-01T15:26:59.549Z

Link: CVE-2024-4390

cve-icon Vulnrichment

Updated: 2024-08-01T20:40:47.063Z

cve-icon NVD

Status : Modified

Published: 2024-06-20T04:15:17.857

Modified: 2024-11-21T09:42:45.233

Link: CVE-2024-4390

cve-icon Redhat

No data.