WordPress Plugin Vulnerabilities

Filter Portfolio Gallery <= 1.5 - Arbitrary Gallery Deletion via CSRF

Description

The plugin is lacking Cross-Site Request Forgery (CSRF) check when deleting a Gallery, which could allow attackers to make a logged in admin delete arbitrary Gallery.

Proof of Concept

https://example.com/wp-admin/admin.php?page=phoen_filter_gallery&delete_id=1

Affects Plugins

Plugin icon
filter-portfolio-gallery
No known fix

References

CVE
CVE-2021-24795

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
5.4 (medium)

Miscellaneous

Original Researcher
Vishal Mohan
Submitter
Vishal Mohan
Submitter twitter
Vishal12MI
Verified
Yes
WPVDB ID
ef3c1d4f-53a4-439e-9434-b3b4adb687a4

Timeline

Publicly Published
2021-11-15 (about 2 years ago)
Added
2021-11-15 (about 2 years ago)
Last Updated
2022-04-11 (about 2 years ago)

Other

Published
Title
Published
2024-04-12
Title
eCommerce Product Catalog < 3.3.29 - Cross-Site Request Forgery
Published
2023-09-27
Title
Block Update < 3.3.2 - Arbitrary Plugin Update Blocking via CSRF
Published
2023-10-18
Title
Internal Link Building <= 1.2.3 - CSRF
Published
2024-02-27
Title
Yuki < 1.3.15 - Cross-Site Request Forgery to Theme Setting Reset
Published
2024-04-05
Title
WordPress Comments Import & Export < 2.3.6 - Cross-Site Request Forgery