Cross-site request forgery (CSRF)
CVE-2021-24703 Download Plugin < 1.6.1 - Subscriber+ Arbitrary Plugin Activation
The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the dpwappluginactivate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed...
CVE-2021-24703
Summary: CVE-2021-24703 affects the WordPress Download Plugin (pre-1.6.1). The issue is in the dpwap_plugin_activate AJAX action, which lacks capability checks and CSRF verification. As a result, any authenticated user (e.g., subscribers) can activate plugins that are already installed. Impact (a...
PT-2021-16207 · WordPress · Download Plugin
Name of the Vulnerable Software and Affected Versions: Download Plugin WordPress plugin versions prior to 1.6.1 Description: The issue concerns a lack of capability and CSRF checks in the dpwap_plugin_activate AJAX action. This allows any authenticated users to activate plugins that are already...
WordPress plugin Download Plugin cross-site request forgery vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. A WordPress plugin is an application...
Download Plugin < 1.6.1 - Subscriber+ Arbitrary Plugin Activation
The plugin does not have capability and CSRF checks in the dpwappluginactivate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed. v 1.5.9 - jQuery.postajaxurl, action:"dpwappluginactivate", dpwapurl:"hello.php" v 1.6.0 -...
Download Plugin < 1.6.1 - Subscriber+ Arbitrary Plugin Activation
The plugin does not have capability and CSRF checks in the dpwappluginactivate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed. PoC v 1.5.9 - jQuery.postajaxurl, action:"dpwappluginactivate", dpwapurl:"hello.php" v 1.6.0 -...
JS Job Manager < 1.1.9 - Unauthenticated Arbitrary Plugin Installation/Activation
The jsjobsajax AJAX action of the plugin available to both authenticated and unauthenticated users does not have proper authorisation and CSRF checks, in particular when using the installPluginFromAjax and activatePluginFromAjax, which could allow unauthenticated attackers to install arbitrary...
WordPress JS Jobs Manager 1.1.7 Authorization Bypass
Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Google Dork: inurl:/wp-content/plugins/js-jobs/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/js-jobs/ Version: spacehen www.github.com/spacehen" def...
CVE-2021-24356
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activateplugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites...
CVE-2021-24356 Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Activation
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activateplugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites...
CVE-2021-24356
CVE-2021-24356 affects the WordPress plugin Simple 301 Redirects by BetterLinks (versions prior to 2.0.4). The issue is due to a lack of capability checks and insufficient nonce validation on the AJAX endpoint simple301redirects/admin/activate_plugin, which allowed any authenticated user to activ...
PT-2021-15892 · Betterlinks · Simple 301 Redirects
Name of the Vulnerable Software and Affected Versions: Simple 301 Redirects by BetterLinks WordPress plugin versions prior to 2.0.4 Description: The issue is related to a lack of capability checks and insufficient nonce check on the AJAX action "simple301redirects/admin/activate_plugin". This mad...
Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Activation
In the plugin, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activateplugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites. PoC $wpuser, 'pwd' = $wppass, 'rememberme' = 'forever',...
Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Activation
In the plugin, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activateplugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites. $wpuser, 'pwd' = $wppass, 'rememberme' = 'forever', 'wp-submit...
WordPress plugin authorization issue vulnerability (CNVD-2021-36536)
WordPress is the WordPress Foundation's blogging platform, developed in the PHP language. The platform supports PHP and MySQL servers for setting up a personal blog site. WordPress Plugin is a WordPress open source application plugin. A vulnerability exists in the WordPress plugin before...
CVE-2021-24192
Low-privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Tree Sitemap WordPress plugin before 2.9 to install any plugin, including a specific version from the WordPress repository, as well as activate an arbitrary plugin from the blog, which helps attackers install...
CVE-2021-24195
Low-privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Login as User or Customer User Switching WordPress plugin before 1.8 to install any plugin, including a specific version from the WordPress repository, as well as activate an arbitrary plugin from the blog, whic...
CVE-2021-24193
Low-privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Visitor Traffic Real Time Statistics WordPress plugin before 2.12 to install any plugin, including a specific version from the WordPress repository, as well as activate an arbitrary plugin from the blog, which...