Vulnerabilities

CVE-2019-11886

by Fred · 13/05/2019

The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain admin access.

Date published : 2019-05-13

Visual CSS Style Editor

https://wpvulndb.com/vulnerabilities/9256

Similar

Tags: Cybersecurity Alert