WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Post SMTP Mailer/Email Log < 2.0.21 - CSRF Nonce Bypass

Description

A user could bypass the nonce check associated with Export mail to CSV handleCsvExport() function

Proof of Concept

Submit a request w/o the post-smtp-log-nonce parameter

Affects Plugins

post-smtp
Fixed in version 2.0.21

References

CVE
CVE-2021-4422
URL
https://plugins.trac.wordpress.org/changeset/2473579
URL
https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/

Classification

Type

CSRF

OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Original Researcher

Jerome Bruandet (nintechnet.com)

Submitter

VikeLite

Verified

No

WPVDB ID
6b74a8bd-06fc-495c-a95e-c93367d6d7d0

Timeline

Publicly Published

2021-02-12 (about 2 years ago)

Added

2021-02-12 (about 2 years ago)

Last Updated

2023-07-12 (about 2 months ago)

Our Other Services

WPScan WordPress Security Plugin