13 Oct 2021

WordPress Plugin Review Team’s Review Fails to Catch CSRF Vulnerability Allowing Modification of .htaccess File

If you believe the top person behind WordPress, Matt Mullenweg, new plugins being added to the WordPress Plugin Directory are not being reviewed beforehand:

“Why couldn’t it be more like the plugin directory?” asked Mullenweg. “That has all the same potential issues and has been working pretty well. I’d like it to work just like the plugin directory, with direct access for authors, and most reviews being post-review vs. pre-review.” [Read more]

12 May 2016

Authenticated File Modification Vulnerability in WP Editor

As discussed in more detail in the post for the other vulnerability we found in the WP Editor plugin, we recently started seeing requests for a file in this plugin on one of our websites, and we believe that it was checking for use of the plugin before exploiting it. After seeing that, we started checking for vulnerabilities.

In addition to the vulnerability we discussed in the other post, we also found that any logged-in user can edit files on the website, since there is no check of the user's capabilities when editing the files. The protection against cross-site request forgery (CSRF) is broken, so it is also susceptible to that. [Read more]