CVSS Summary
Score | 6.8 Medium |
---|---|
Vector | Network |
Complexity | Medium |
Authentication | None |
Confidentiality | Partial |
Integrity | Partial |
Availability | Partial |
Last revised:
This plugin is vulnerable to a combination CSRF/XSS attack. An attacker able to convince an admin to visit a link of their choosing is able to insert arbitrary HTML into an admin page. Using that ability they can use JavaScript to control an admin user’s browser, allowing the attacker to create user accounts, create posts, delete all posts, etc.
Current state: Fixed
Score | 6.8 Medium |
---|---|
Vector | Network |
Complexity | Medium |
Authentication | None |
Confidentiality | Partial |
Integrity | Partial |
Availability | Partial |
If a logged-in administrator user clicks the submit button on this form, a javascript alert will display in the admin screens. (In a real attack the form can be made to auto-submit using Javascript).
<form method="POST" action="http://localhost/wp-admin/options-general.php?page=login_widget_afo"> <input type="text" name="custom_style_afo" value="</textarea><script>alert(1)</script>"> <input type="text" name="option" value="login_widget_afo_save_settings"> <input type="submit"> </form>
Upgrade to version 3.2.1 or later.