Back to search
CVE-2019-11886
Published: May 13, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain admin access.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://wpvulndb.com/vulnerabilities/9256
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now