The Flash Show And Hide Box plugin for WordPress has a security issue called Cross-Site Request Forgery. This can happen in any version up to 1.6 because of a problem with checking for a special code. This means that people who are not logged in can change the settings and put bad code on the website if they can make the site’s manager do something, like click on a link.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
