WordPress Plugin Vulnerabilities

CM Download Manager < 2.9.0 - Download Deletion via CSRF

Description

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack

Proof of Concept

Make an admin open the URL below

https://example.com/cmdownload/del/id/<download_id >

Affects Plugins

Plugin icon
cm-download-manager
Fixed in 2.9.0

References

CVE
CVE-2024-1232
YouTube Video

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Original Researcher
Sushmita Poudel
Submitter
Sushmita Poudel
Submitter website
https://susmitapoudel.com.np
Submitter twitter
poudelsushmita1
Verified
Yes
WPVDB ID
2a29b509-4cd5-43c8-84f4-f86251dd28f8

Timeline

Publicly Published
2024-03-04 (about 2 months ago)
Added
2024-03-04 (about 2 months ago)
Last Updated
2024-03-04 (about 2 months ago)

Other

Published
Title
Published
2023-04-19
Title
Pearl < 1.3.5 - CSRF
Published
2017-04-06
Title
Twitter Cards Meta < 2.5.0 - CSRF and XSS
Published
2023-12-27
Title
WooCommerce PDF Invoice Builder < 1.2.102 - Cross-Site Request Forgery
Published
2021-07-05
Title
Flash Games <= 2.2 - CSRF Bypass
Published
2021-07-28
Title
SEO Backlinks <= 4.0.1 - CSRF to Stored XSS