Description The plugin implements the AJAX action admin_menu_tree_page_view_add_page, which calls back the function admin_menu_tree_page_view_add_page. The latter does not implement any anti-CSRF controls or security checks. Leveraging a CSRF attack, an attacker could perform a Persistent XSS attack if the victim has administrative rights (see PoC). The AJAX action is a privileged one, so it’s only available for…
Type: Privilege Escalation
CMS Tree Page View [CSRF, Privilege Escalation]
Description The plugin implements the AJAX action cms_tpv_add_page, which calls back the function cms_tpv_add_page. The latter does not implement any anti-CSRF controls or security checks. Leveraging a CSRF attack, an attacker could perform a Persistent XSS attack if the victim has administrative rights (see PoC). The AJAX action is a privileged one, so it’s only available for…
Bulk Delete [Privilege Escalation]
“Bulk Delete” plugin for WordPress suffers from a Privilege Escalation vulnerability
Extra User Details [Privilege Escalation]
Extra User Details plugin for WordPress suffers from a Privilege Escalation vulnerability
WooCommerce – Store Toolkit [Privilege Escalation]
WooCommerce – Store Toolkit plugin for WordPress suffers from a Privilege Escalation vulnerability
User Meta Manager [Privilege Escalation]
User Meta Manager plugin for WordPress suffers from a Privilege Escalation vulnerability
WP Membership [Privilege Escalation]
WP Membership plugin for WordPress suffers from a Privilege Escalation vulnerability