WordPress Plugin Vulnerabilities

Simple Download Monitor < 3.9.6 - Unauthorised Log Reset

Description

The sdm_reset_log AJAX action of the plugin does not have any capability and CSRF checks, which could allow any authenticated user (such as subscriber), or an attacker performing a CSRF attack against a logged in admin to reset the log entries

Proof of Concept

https://example.com/wp-admin/admin-ajax.php?action=sdm_reset_log

Affects Plugins

simple-download-monitor

Fixed in version 3.9.6

Classification

Type

ACCESS CONTROLS

OWASP top 10

A5: Broken Access Control

CWE

CWE-284

Miscellaneous

Original Researcher

WPScanTeam

Verified

Yes

WPVDB ID

08f4c669-0000-4b17-b762-ae06f5d01538

Timeline

Publicly Published

2021-10-05 (about 10 months ago)

Added

2021-10-05 (about 10 months ago)

Last Updated

2021-10-05 (about 10 months ago)

Our Other Services

WPScan WordPress Security Plugin