oss-sec mailing list archives
CVE request: WordPress plugin wp-cleanfix CSRF
From: Henri Salo <henri () nerv fi>
Date: Thu, 16 May 2013 17:59:46 +0300
Hello, Can I get CVE for CSRF vulnerability in WordPress plugin wp-cleanfix, thanks. Attacker can execute arbitrary PHP code using eval() in wpCleanFixAjax.php with CSRF. I also noticed the plugin contains wp-cleanfix.php: <script type="text/javascript" src="http://blog.wpxtre.me/widget/?<?php echo time() ?>"></script> Tested: 2.4.4 Information posted originally 11 months ago, but eval() alone is not dangerous. Not sure if this should be 2012 or 2013 CVE. References: http://wordpress.org/support/topic/plugin-wp-cleanfix-remote-code-execution-warning https://github.com/wpscanteam/wpscan/issues/186 http://wordpress.org/extend/plugins/wp-cleanfix/ --- Henri Salo
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE request: WordPress plugin wp-cleanfix CSRF Henri Salo (May 16)
- Re: CVE request: WordPress plugin wp-cleanfix CSRF Kurt Seifried (May 18)
- Re: CVE request: WordPress plugin wp-cleanfix CSRF Henri Salo (May 18)
- Re: CVE request: WordPress plugin wp-cleanfix CSRF Kurt Seifried (May 18)
- Re: CVE request: WordPress plugin wp-cleanfix CSRF Henri Salo (May 18)
- Re: CVE request: WordPress plugin wp-cleanfix CSRF Kurt Seifried (May 18)