HT Slider For Elementor by HT Plugins <= 1.3.9 - Arbitrary Plugin Activation via CSRF
LANACOMMONVDB ID: 5e46ad7b-fc5a-4f29-b599-2ca196252ede
The plugin does not have Cross-Site Request Forgery (CSRF) check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a Cross-Site Request Forgery (CSRF) attack.