WP Sliding Login/Dashboard Panel Cross-Site Request Forgery Vulnerability
Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the WP Sliding Login/Dashboard Panel plugin for WordPress, affecting all versions through 2.1.1. The vulnerability arises from inadequate nonce validation in the wp_sliding_panel_user_options() function, allowing unauthenticated attackers to manipulate plugin settings by tricking a site administrator into clicking a link.
Impact
Exploitation of this vulnerability allows for unauthorized modification of plugin settings, potentially leading to broader security issues depending on the nature of the changed settings.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
0.6exploitability
7.0remediation
0.0relevance
0.2threat
3.2urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.