27 Jan 2018
CVE-2018-6357 - CVE Vulnerability
The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant social_widget_icon_array_order XSS. (CVSS:0.0) (Last Update:2018-01-27)
Vulnerability Details : The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant social_widget_icon_array_order XSS. Publish Date : 2018-01-27 Last Update Date : 2018-01-27 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-6357
- References For CVE-2018-6357
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-6357There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |