WordPress Plugin Vulnerabilities

Redirection < 1.1.5 - Plugin Reset via CSRF

Description

The plugin does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.

Proof of Concept

https://example.com/wp-admin/admin-post.php?action=ir_uninstall

Affects Plugins

Plugin icon
redirect-redirection
Fixed in 1.1.5

References

CVE
CVE-2023-1331

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
6.3 (medium)

Miscellaneous

Original Researcher
Mohamed Selim
Submitter
Mohamed Selim
Submitter website
https://facebook.com/caesareg
Verified
Yes
WPVDB ID
f81d9340-cf7e-46c4-b669-e61f2559cb8c

Timeline

Publicly Published
2023-03-21 (about 1 years ago)
Added
2023-03-21 (about 1 years ago)
Last Updated
2023-03-21 (about 1 years ago)

Other

Published
Title
Published
2022-04-05
Title
Ad Invalid Click Protector (AICP) < 1.2.7 - Arbitrary Ban Deletion via CSRF
Published
2024-04-10
Title
MailChimp Forms by MailMunch < 3.2.2 - Cross-Site Request Forgery
Published
2021-11-15
Title
WP Admin Logo Changer <= 1.0 - Plugin's Settings Update via CSRF
Published
2023-03-14
Title
WP Basic Elements < 5.3.0 - Settings Update via CSRF
Published
2023-07-20
Title
WP-FlyBox <= 6.46 - CSRF