Widget Logic provides a convenient way to toggle widget visibility dynamically with custom PHP code. By eval'ing the logic registered for each widget, the plugin decides whether that widget should be shown. Due to a nested CSRF vulnerability, attackers can make administrators add malicious code to custom sidebar widgets registered with wp_register_sidebar_widget. Because that stored code is later eval'd, this results in remote code execution. Detailed analysis: https://dannewitz.ninja/posts/widget-logic-csrf-to-rce Fixed in version 5.10.2: https://plugins.trac.wordpress.org/changeset/2112753/widget-logic
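The core of the issue is a settings handler that stores per-widget PHP without proving the request came from the administrator's own session. The following is an added illustrative example, not Widget Logic's own code or its actual fix: a WordPress admin-post handler that requires a capability check and a nonce before saving logic for a widget. The hook name, option name, form field names and nonce action are assumptions made for this example.

```php
<?php
// Illustrative example (not the plugin's code): store per-widget PHP logic only
// when the request is both authorized and nonce-protected. Hook, option and
// field names below are assumptions for this example.

add_action( 'admin_post_example_save_widget_logic', 'example_save_widget_logic' );

function example_save_widget_logic() {
    // Authorization: only users who may manage widgets can change logic.
    if ( ! current_user_can( 'edit_theme_options' ) ) {
        wp_die( 'Insufficient privileges', '', array( 'response' => 403 ) );
    }

    // CSRF protection: the nonce is bound to this action and this user's
    // session, so a cross-site form submission cannot supply a valid one.
    // Without this check, an admin viewing an attacker-controlled page could
    // be made to store code that the plugin later eval's.
    check_admin_referer( 'example_save_widget_logic', '_wl_nonce' );

    $widget_id = isset( $_POST['widget_id'] ) ? sanitize_key( $_POST['widget_id'] ) : '';
    $logic     = isset( $_POST['logic'] ) ? wp_unslash( $_POST['logic'] ) : '';

    if ( '' === $widget_id ) {
        wp_die( 'Missing widget id', '', array( 'response' => 400 ) );
    }

    $all = get_option( 'example_widget_logic', array() );
    if ( ! is_array( $all ) ) {
        $all = array();
    }
    $all[ $widget_id ] = $logic;
    update_option( 'example_widget_logic', $all );

    wp_safe_redirect( wp_get_referer() ?: admin_url( 'widgets.php' ) );
    exit;
}

// The form that posts to the handler must emit the matching nonce field.
function example_widget_logic_form( $widget_id ) {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="example_save_widget_logic">
        <input type="hidden" name="widget_id" value="<?php echo esc_attr( $widget_id ); ?>">
        <?php wp_nonce_field( 'example_save_widget_logic', '_wl_nonce' ); ?>
        <textarea name="logic"></textarea>
        <?php submit_button( 'Save logic' ); ?>
    </form>
    <?php
}
```

The nonce stops forged requests from reaching the save path; the stored logic is still eval'd later, so on an unpatched site the option value itself is worth reviewing for unexpected code.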
Affected product (CPE)

| Name | Operator | Version |
|---|---|---|
| widget-logic | lt | 5.10.2 |