WordPress Plugin Vulnerabilities

Software License Manager < 4.4.6 - CSRF to Stored XSS

Description

The plugin did not have CSRF check on its settings page, nor sanitisation when outputting user input back. Attackers could make a logged in administrator change the plugin's settings, and put XSS payload in them.

Proof of Concept

Affects Plugins

Plugin icon
software-license-manager
Fixed in 4.4.6

References

CVE
CVE-2021-20782
URL
https://jvn.jp/en/jp/JVN89054582/
URL
https://plugins.trac.wordpress.org/changeset/2520250/

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
7.1 (high)

Miscellaneous

Original Researcher
Koken Tokuda
Verified
Yes
WPVDB ID
578ba085-6cb8-4205-9884-5829cfafe0de

Timeline

Publicly Published
2021-04-23 (about 4 years ago)
Added
2021-04-23 (about 4 years ago)
Last Updated
2022-03-05 (about 4 years ago)

Other

Published
Title
Published
2023-11-28
Title
Product Size Chart For WooCommerce < 1.1.6 - Settings Update via CSRF
Published
2025-02-17
Title
1 Click WordPress Migration Plugin – 100% FREE for a limited time < 2.3 - Cross-Site Request Forgery to Backup Process Cancellation
Published
2023-02-14
Title
Locatoraid Store Locator < 3.9.12 - CSRF
Published
2024-05-24
Title
Pray For Me <= 1.0.4 - Settings Update via CSRF
Published
2023-12-26
Title
Webba Booking < 5.0 - Cross-Site Request Forgery