WordPress Plugin Vulnerabilities

LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.4 - Cross-Site Request Forgery via publish_lp()

Description

The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the publish_lp() function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to change the LadiPage key (a key fully controlled by the attacker), enabling them to freely create new pages, including web pages that trigger stored XSS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Affects Plugins

Plugin icon
ladipage
No known fix

References

CVE
CVE-2023-4729
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/db707507-c53f-45b8-a8e1-7fea1c6f8f3c

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
GiongfNef
Verified
No
WPVDB ID
84006c88-0e94-42fa-a50b-93827033d695

Timeline

Publicly Published
2024-03-11 (about 2 years ago)
Added
2024-03-11 (about 2 years ago)
Last Updated
2024-03-11 (about 2 years ago)

Other

Published
Title
Published
2025-09-05
Title
Purge Varnish Cache <= 2.6 - Cross-Site Request Forgery
Published
2025-04-18
Title
WP Headers And Footers < 3.1.2 - Arbitrary Options Update via CSRF
Published
2025-04-09
Title
IP2Location World Clock < 1.1.10 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2019-02-26
Title
FormCraft <= 1.2.1 - Cross-Site Request Forgery (CSRF)
Published
2023-11-08
Title
Product Catalog Simple < 1.7.6 - Cross-Site Request Forgery via ic_system_status