Paypal Donation < 1.3.1 – CSRF to Arbitrary Post Deletion | CVE 2021-24572

Description

The plugin provides a function to create donation buttons which are internally stored as posts. The deletion of a button is not CSRF protected and there is no control to check if the deleted post was a button post. As a result, an attacker could make logged in admins delete arbitrary posts

Proof of Concept

https://example.com/wp-admin/admin.php?page=wpedon_buttons&action=delete&inline=true&product=<target post id>

Affects Plugins

easy-paypal-donation

Fixed in 1.3.1

References

CVE

CVE-2021-24572

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-352

CVSS

5.4 (medium)

Miscellaneous

Original Researcher

dc11

Submitter

dc11

Verified

Yes

WPVDB ID

7b1ebd26-ea8b-448c-a775-66a04102e44f

Timeline

Publicly Published

2021-10-04 (about 2 years ago)

Added

2021-10-04 (about 2 years ago)

Last Updated

2022-04-15 (about 2 years ago)

Other

Published

Title

Published

2022-09-09

Title

Corner Ad < 1.0.57 - Ads Deletion via CSRF

Published

2014-08-01

Title

Google Analytics MU 2.3 - google-analytics-mu-network.php Analytics Code Manipulation CSRF

Published

2022-04-11

Title

Yoo Slider < 2.1.0 - Arbitrary Template Import via CSRF

Published

2023-09-01

Title

authLdap < 2.5.9 - Settings Update via CSRF

Published

2023-06-16

Title

LWS Tools < 2.4.2 - Cross-Site Request Forgery