eCommerce Product Catalog Plugin for WordPress < 3.3.26 – Products Deletion via CSRF | CVE 2023-5979 | Plugin Vulnerabilities

Description

The plugin does not have CSRF checks in some of its admin pages, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as delete all products

Proof of Concept

Make a logged in admin open the URL below

https://example.com/wp-admin/edit.php?post_type=al_product&page=system.php&delete_all_products&delete_all_products_confirm=1

Affects Plugins

ecommerce-product-catalog

Fixed in 3.3.26

References

CVE

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Krzysztof Zając (CERT PL)

Submitter

Krzysztof Zając (CERT PL)

Submitter website

https://cert.pl

Submitter twitter

Verified

Yes

WPVDB ID

936934c3-5bfe-416e-b6aa-47bed4db05c4

Timeline

Publicly Published

2023-11-13 (about 2 years ago)

Added

2023-11-13 (about 2 years ago)

Last Updated

2023-11-13 (about 2 years ago)

Other

Published

Title

Published

2024-01-30

Title

PopupAlly < 2.1.1 - Cross-Site Request Forgery via optin_submit_callback

Published

2014-08-01

Title

Cool Video Gallery 1.8 - admin/plugin-uninstall.php Plugin Uninstallation CSRF

Published

2014-08-01

Title

Twitget 3.3.1 - twitget.php Twitter Setting Manipulation CSRF

Published

2020-10-14

Title

Live Chat - Live support < 3.2.0 - Cross-Site Request Forgery

Published

2024-12-16

Title

SMS for WooCommerce < 2.8.1.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting