Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Network-delivered CSRF requires no attacker privileges (PR:N) but mandates admin interaction (UI:R); scope change (S:C) reflects stored XSS executing in victim browsers beyond the vulnerable WordPress instance.
Primary rating from Vendor (Wordfence).
CVSS VectorVendor: Wordfence
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
The Osiris Signature Banner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
AnalysisAI
Cross-Site Request Forgery in the Osiris Signature Banner WordPress plugin (all versions ≤ 0.5) enables unauthenticated attackers to update plugin settings and inject stored XSS payloads by tricking an authenticated administrator into triggering a forged request. Missing nonce validation across at least four functions (lines 107, 118, 139, and 189 of osiris-signature-banner.php) means any forged cross-origin form submission executed in an active admin session bypasses all server-side origin checks. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the Osiris Signature Banner plugin (version ≤ 0.5) to be installed and active on the target WordPress site. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 score of 6.1 (Medium) encodes meaningful signal: AV:N and AC:L confirm the attack is network-accessible with no special conditions, while PR:N establishes the attacker requires no prior credentials. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious webpage hosting a hidden HTML form that submits a settings-update POST request to the target WordPress site's admin endpoint for the Osiris Signature Banner plugin, embedding a JavaScript payload in a plugin settings field. The attacker distributes a link to this page via phishing email targeting a site administrator; when the admin clicks the link while holding an active WordPress session, the browser automatically submits the forged request with the admin's session cookie, the server accepts it without nonce verification, and the malicious script is stored. … |
| Remediation | No vendor-released patch has been identified at time of analysis - the available references document version 0.5 as the current tagged release with no fixed version present in CPE data or references. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38655
GHSA-p4m8-3gv5-584p