WordPress Plugin Vulnerabilities

WP Content Plus < 3.2 - CSRF Nonce Bypass

Description

The plugin allowed requests without the wppcp_backend_group_add_new_member_nonce POST parameter to bypass the CSRF check. This could lead to attackers making a logged in users add an arbitrary user to a group via a CSRF attack

Affects Plugins

Plugin icon
wp-private-content-plus
Fixed in 3.2

References

URL
https://plugins.trac.wordpress.org/changeset/2473452
URL
https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
7.1 (high)

Miscellaneous

Original Researcher
Jerome Bruandet (nintechnet.com)
Submitter
WPScanTeam
Verified
Yes
WPVDB ID
369a72b4-cea8-432c-9834-601fcfb15cb7

Timeline

Publicly Published
2021-02-22 (about 5 years ago)
Added
2021-02-22 (about 5 years ago)
Last Updated
2021-03-03 (about 5 years ago)

Other

Published
Title
Published
2025-02-03
Title
Read More Copy Link <= 1.0.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2025-01-16
Title
Blogger Image Import 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2023-02-28
Title
Rus-To-Lat <= 0.3 - Cross-Site Request Forgery (CSRF)
Published
2014-08-01
Title
Related Posts 2.7.1 - Cross-Site Request Forgery
Published
2023-10-03
Title
Post View Count < 2.0.1 - Post View Data Reset via CSRF