WordPress Plugin Vulnerabilities

Redux Framework 4.1.22 - 4.1.23 - CSRF Nonce Validation Bypass

Description

The plugin re-introduced a CSRF bypass issue in v4.1.22, as the nonce is only checked if present in the request.

Affects Plugins

Plugin icon
redux-framework
Fixed in 4.1.24

References

URL
https://plugins.trac.wordpress.org/changeset/2437953/redux-framework/trunk/redux-core/inc/classes/class-redux-ajax-save.php?old=2405408

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
ErwanLR
Verified
Yes
WPVDB ID
ad9a190b-3bb6-4589-84e7-43372615588f

Timeline

Publicly Published
2020-12-15 (about 2 years ago)
Added
2020-12-15 (about 2 years ago)
Last Updated
2020-12-16 (about 2 years ago)

Other

Published
Title
Published
2023-07-26
Title
Saphali Woocommerce Lite < 1.9.0 - Settings Update/Reset via CSRF
Published
2021-12-24
Title
Spreadsheet Integration < 3.6.0 - CSRF Bypass
Published
2014-08-01
Title
ThinkIT <= 0.3 - wp-admin/admin.php Contact Form Deletion CSRF
Published
2021-07-28
Title
Post Index <= 0.7.5 - CSRF to Stored XSS
Published
2021-03-01
Title
Better Search < 2.5.3 - Cross-Site Request Forgery