WordPress Plugin Vulnerabilities

Stetic < 1.0.9 - CSRF to Stored Cross-Site Scripting

Description

The plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the stats_page function found in the ~/stetic.php file, which made it possible for attackers to inject arbitrary web scripts.

The CSRF issue has been fixed in 1.0.7, while sanitisation and escaping have been done in 1.0.7 to 1.0.9

Affects Plugins

Plugin icon
stetic
Fixed in 1.0.9

References

CVE
CVE-2021-42364
URL
https://www.wordfence.com/vulnerability-advisories/#CVE-2021-42364

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
8.8 (high)

Miscellaneous

Original Researcher
Naoki Ogawa, Cryptography Laboratory in Tokyo Denki University
Verified
No
WPVDB ID
521f4fbf-8713-494d-a3f4-c5ee9be2aa90

Timeline

Publicly Published
2021-11-29 (about 4 years ago)
Added
2021-11-29 (about 4 years ago)
Last Updated
2022-04-10 (about 4 years ago)

Other

Published
Title
Published
2023-10-16
Title
Lazy Load for Videos < 2.18.3 - Arbitrary Settings Update via CSRF
Published
2024-04-24
Title
HL Twitter <= 2014.1.18 - Unlink Twitter Account via CSRF
Published
2024-10-28
Title
Crypto < 2.16 - Cross-Site Request Forgery to Authentication Bypass
Published
2025-09-22
Title
Piotnet Forms <= 1.0.30 - Cross-Site Request Forgery
Published
2025-01-16
Title
Word Freshener <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting