Support » Plugin: Custom Sidebars - Dynamic Widget Area Manager » CSRF & XSS vulnerabilities

  • Resolved qasuar

    (@qasuar)


    Hi guys,
    I found a CSRF and a XSS vulnerability in your website as you can see in this video 🙂

    Best wishes 🙂

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor Predrag Dubajic WPMU DEV Support

    (@wpmudev-support1)

    Hi @qasuar,

    Thanks a lot for the report, I have reported this to our developers and they will look into it asap.

    I’m not expert in this part but if I understand this correctly taking advantage of this is only possible if you have admin access already?

    Best regards,
    Predrag

    Plugin Author Marcin Pietrzak

    (@iworks)

    Hi @qasuar

    Thank you for the report, but I have one doubt because I can not (partial) reproduce this.

    Could you re-test it, but first you need just log out from this site, from this browser or use another browser (without logged wp-user on target site).

    This code “works” when you are logged ( a cookie is sent) and it is a small vulnerability and I need to add nonces, to avoid this situation, but basically, you are logged to the target site and you have privileges to add a sidebar.

    I can reproduce this problem when I’m logged in, but when I’m logged out – I can not.

    Could you confirm?

    Marcin

    Plugin Author Marcin Pietrzak

    (@iworks)

    hi @qasuar

    Thank you again 😉

    Could you check the new version? CSRF vulnerability should be removed in 3.0.8.1 version.

    Thank you again!

    Marcin

    Nice job @iworks 🙂

    Sorry for the delay but I’m not active here so I didn’t see these comments

    BTW great job 😉

    Plugin Author Marcin Pietrzak

    (@iworks)

    Thank you @qasuar!

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.