Описание
The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be saved.
Ссылки
- ExploitThird Party Advisory
- https://www.wordfence.com/blog/2021/03/two-vulnerabilities-patched-in-facebook-for-wordpress-plugin/ExploitThird Party Advisory
- ExploitThird Party Advisory
- https://www.wordfence.com/blog/2021/03/two-vulnerabilities-patched-in-facebook-for-wordpress-plugin/ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.0 (включая) до 3.0.4 (исключая)
cpe:2.3:a:facebook:facebook:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 36%
0.00149
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
около 3 лет назад
The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be saved.
EPSS
Процентиль: 36%
0.00149
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352