The plugin does not properly check for the CSRF nonce in the export and import features, which could allow attackers to make authenticated logged in administrators perform those actions via a CSRF attack.
To bypass the nonce validation, just don't send the crp_export_settings_nonce or crp_import_settings_nonce parameter. File: contextual-related-posts/includes/admin/modules/tools.php Code: if ( isset( $_POST['crp_export_settings_nonce'] ) && ! wp_verify_nonce( sanitize_key( $_POST['crp_export_settings_nonce'] ), 'crp_export_settings_nonce' ) ) { return; } if ( isset( $_POST['crp_import_settings_nonce'] ) && ! wp_verify_nonce( sanitize_key( $_POST['crp_import_settings_nonce'] ), 'crp_import_settings_nonce' ) ) { return; }
Lenon Leite
Lenon Leite
Yes
2020-11-19 (about 2 years ago)
2020-11-19 (about 2 years ago)
2020-11-20 (about 2 years ago)