WordPress Plugin Vulnerabilities
WPDashboardNotes < 1.0.11 - Unauthorised Deletion of Private Notes
Description
The plugin is vulnerable to Insecure Direct Object References (IDOR) in post_id= parameter. Authenticated users are able to delete private notes associated with different user accounts. This poses a significant security risk as it violates the principle of least privilege and compromises the integrity and privacy of user data.
Proof of Concept
After attacker create a note, uses the delete option. Intercepts the request and manipulate the post_id= to the victim note. action=wpdn_delete_note&post_id=<ID-TO-DELETE>&nonce=1aa16d2949
Affects Plugins
References
CVE
Classification
Type
IDOR
OWASP top 10
CWE
Miscellaneous
Original Researcher
Pedro Cuco (Illex)
Submitter
Pedro Cuco (Illex)
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-12-19 (about 4 months ago)
Added
2024-02-02 (about 3 months ago)
Last Updated
2024-02-02 (about 3 months ago)