CVSS 3.1 Score 5.4 of 10 (medium)


Published Mar 2, 2024
Updated: Mar 4, 2024


CVE-2023-6326 is a vulnerability found in the Master Slider – Responsive Touch Slider plugin for WordPress, affecting all versions up to and including 3.9.3. It is classified as a Cross-Site Request Forgery (CSRF) vulnerability. The issue arises from missing or incorrect nonce validation in the 'process_bulk_action' function, allowing unauthenticated attackers to duplicate or delete sliders through forged requests. To exploit this vulnerability, attackers would need to deceive a site administrator into performing an action, such as clicking on a link. The risk score is rated at 25 out of 100, indicating a medium severity level. The base score is 5.4 according to CVSS:3.1, with low integrity and no confidentiality impact. However, it should be noted that this analysis description does not provide further details on remediation steps or potential dangers posed to organizations.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6326 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options