WordPress Plugin Vulnerabilities

Tiempo.com <= 0.1.2 - Shortcode Deletion via CSRF

Description

The plugin does not have CSRF check when deleting its shortcode, which could allow attackers to make logged in admins delete arbitrary shortcode via a CSRF attack

Proof of Concept

Make a logged in admin open the URL below, this will make them delete the shortcode with ID 1

https://example.com/wp-admin/admin.php?page=tiempocom/app/admin.php&action=delete&shortcode=1

Affects Plugins

Plugin icon
tiempocom
No known fix

References

CVE
CVE-2023-2271

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Erwan LR (WPScan)
Verified
Yes
WPVDB ID
31512f33-c310-4b36-b665-19293097cc8b

Timeline

Publicly Published
2023-04-25 (about 7 months ago)
Added
2023-04-25 (about 7 months ago)
Last Updated
2023-04-25 (about 7 months ago)

Other

Published
Title
Published
2023-10-13
Title
Hitsteps Web Analytics < 5.87 - Arbitrary Settings Update via CSRF
Published
2023-02-22
Title
Integration for Contact Form 7 and Zoho CRM, Bigin < 1.2.3 - Cross-Site Request Forgery (CSRF)
Published
2019-07-17
Title
WP Code Highlight.js < 0.6.3 - CSRF to Stored XSS
Published
2023-08-28
Title
WP Users Media <= 4.2.3 - Cross-Site Request Forgery in wpusme_save_settings
Published
2016-08-04
Title
Events Made Easy < 1.6.21 - CSRF to Cross-Site Scripting (XSS)