WordPress Plugin Vulnerabilities

LabTools <= 1.0 - Subscriber+ Arbitrary Publication Deletion

Description

The plugin does not have proper authorisation and CSRF check in place when deleting publications, allowing any authenticated users, such as subscriber to delete arbitrary publication

Proof of Concept

The PoC will be displayed once the issue has been remediated.

Affects Plugins

Plugin icon
labtools
No known fix

References

CVE
CVE-2021-25097

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Muhammad Adel
Submitter
Muhammad Adel
Submitter website
https://itsfading.github.io
Submitter twitter
ItsFadinG_
Verified
Yes
WPVDB ID
67f5beb8-2cb0-4b43-87c7-dead9c005f9c

Timeline

Publicly Published
2021-12-28 (about 2 years ago)
Added
2021-12-28 (about 2 years ago)
Last Updated
2022-04-16 (about 2 years ago)

Other

Published
Title
Published
2024-02-26
Title
Bulk Edit Post Titles <= 5.0.0 - Missing Authorization via bulkUpdatePostTitles
Published
2023-06-02
Title
Online Booking & Scheduling Calendar for WordPress by vcita <= 4.3.5 - Missing authentication
Published
2021-09-22
Title
Ninja Forms < 3.5.8 - Unprotected REST-API to Email Injection
Published
2022-01-19
Title
WP HTML Mail < 3.1 - Unprotected REST-API Endpoint
Published
2021-09-20
Title
Multiple Plugins from CatchThemes - Unauthorised Plugin's Setting Change