Login

Tag Archives: Crelly Slider

5 Jun 2019

Vulnerability Details: Authenticated Arbitrary File Upload in Crelly Slider

One of the changelog entries for the latest version of Crelly Slider is “Security patch”, which might explain why it was closed on the Plugin Directory on May 31. Looking at changes made in that version we found that capabilities checks and nonce checks (to prevent cross-site request forgery (CSRF)) where added to a number of AJAX accessible functions. The most serious issue that the lack of those checks looks to have allowed is an authenticated arbitrary file upload vulnerability, which is also exploitable through CSRF. Considering that the plugin has 20,000+ installs that might be something that hackers start to try target on websites that allow user registration (if they haven’t already). Since the plugin is still closed, you can’t update the plugin normally, so any customers needing help with that feel to contact us to get assistance.

[Read more]

6 Oct 2017

Vulnerability Details: Reflected Cross-Site Scriting (XSS) Vulnerability in Crelly Slider

From time to time a vulnerability is fixed in a plugin without the discoverer putting out a report on the vulnerability and we will put out a post detailing the vulnerability so that we can provide our customers with more complete information on the vulnerability.

[Read more]

6 Oct 2017

Vulnerability Details: Cross-Site Request Forgery (CSRF)/SQL Injection Vulnerability in Crelly Slider

From time to time a vulnerability is fixed in a plugin without the discoverer putting out a report on the vulnerability and we will put out a post detailing the vulnerability so that we can provide our customers with more complete information on the vulnerability.

[Read more]