What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides.
CVE-2022-29439
MEDIUM
CVE-2022-29439: WordPress Image Slider by NextCode plugin <= 1.1.2 - Slider Deletion via Cross-Site Request Forgery (CSRF) vulnerability
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Key dates
02Disclosure timeline
June 15, 2022
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-25071 WordPress Vignette Ads plugin <= 0.2 - CSRF to Stored XSS vulnerability
CVE-2024-31985 XWiki Platform CSRF in the job scheduler
CVE-2024-54418 WordPress DTC Documents plugin <= 1.1.05 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2021-24166 Ninja Forms < 3.4.34 - CSRF to OAuth Service Disconnection
CVE-2022-32289 WordPress Popup Builder plugin <= 4.1.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Popup Status Change
