Security Advisory

CVE-2019-11886

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-05-13 04:03:16

Last updated 2024-08-04 23:10:29

Assigner mitre

State PUBLISHED

Description

The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain admin access.

← Browse all CVEs View on cve.org ↗