CVE-2020-36759: Changeset 2368332 for insert-php – WordPress Plugin Repository

The Woody code snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.3.9. This is due to missing or incorrect nonce validation on the runActions() function. This makes it possible for unauthenticated attackers to activate and deactivate snippets via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
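The failure the advisory describes is a boolean-logic one, and the changeset below shows the before and after forms of the check. The following stand-alone PHP script is an added example, not the plugin's code: it models the pre-fix and post-fix conditions from this changeset and runs both over the same requests. WordPress is not loaded, so `demo_create_nonce()`/`demo_verify_nonce()` are a simplified HMAC stand-in for `wp_create_nonce()`/`wp_verify_nonce()`, `demo_current_user_can()` stands in for `WINP_Plugin::app()->currentUserCan()`, and the secret and post id are constructed values.

```php
<?php
// Added example, not the plugin's code. WordPress is not loaded here, so
// demo_create_nonce()/demo_verify_nonce() are a simplified HMAC stand-in for
// wp_create_nonce()/wp_verify_nonce(), and demo_current_user_can() stands in
// for WINP_Plugin::app()->currentUserCan(). Secret and post id are constructed.

const DEMO_NONCE_SECRET = 'constructed-demo-secret-do-not-reuse';

function demo_create_nonce(string $action): string
{
    return substr(hash_hmac('sha256', $action, DEMO_NONCE_SECRET), 0, 10);
}

function demo_verify_nonce(string $nonce, string $action): bool
{
    // Like wp_verify_nonce(): an empty nonce never verifies.
    if ($nonce === '') {
        return false;
    }
    return hash_equals(demo_create_nonce($action), $nonce);
}

// True when the request is carried by a logged-in administrator's browser,
// which is exactly the situation a CSRF attack arranges.
function demo_current_user_can(bool $admin_session): bool
{
    return $admin_session;
}

// Check as it stood before r2368332. With an empty nonce, !empty() is false,
// the whole left operand is false without ever calling the verifier, and only
// the capability check remains. (PHP's empty() is also true for the string "0".)
function check_before_fix(string $wpnonce, string $action, bool $admin_session): bool
{
    if ((!empty($wpnonce) && !demo_verify_nonce($wpnonce, $action))
        || !demo_current_user_can($admin_session)) {
        return false; // wp_die('Permission error. ...')
    }
    return true; // action runs
}

// Check after r2368332: the nonce is verified on every request.
function check_after_fix(string $wpnonce, string $action, bool $admin_session): bool
{
    if (!demo_verify_nonce($wpnonce, $action) || !demo_current_user_can($admin_session)) {
        return false;
    }
    return true;
}

$post_id = 42; // constructed
$action  = 'wbcr_inp_snippert_' . $post_id . '_action_nonce'; // action string from the changeset
$valid   = demo_create_nonce($action);

$cases = [
    'no nonce, admin session (CSRF)' => ['',           true],
    'wrong nonce, admin session'     => ['0123456789', true],
    'valid nonce, admin session'     => [$valid,       true],
    'valid nonce, no admin session'  => [$valid,       false],
];

foreach ($cases as $label => [$nonce, $session]) {
    printf(
        "%-32s before fix: %-7s after fix: %s\n",
        $label,
        check_before_fix($nonce, $action, $session) ? 'ALLOWED' : 'denied',
        check_after_fix($nonce, $action, $session)  ? 'ALLOWED' : 'denied'
    );
}
```

Run it with `php` on the command line. Only the first row differs between the two columns: a request with no nonce at all, riding on an administrator's session, is allowed by the old condition and denied by the new one, which is the whole substance of the fix. The other rows behave identically, so the change narrows the accepted set exactly to requests that carry a valid nonce.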


Timestamp: 08/25/2020 06:03:26 AM (3 years ago)

Author: webtemyk

Message: Bug fix (2.3.10)

Location: insert-php/trunk

Files:

  • admin/includes/class.snippets.viewtable.php (2 diffs)
  • insert_php.php (1 diff)
  • readme.txt (1 diff)


  • insert-php/trunk/admin/includes/class.snippets.viewtable.php

    r2329037

    r2368332

137

137

                $wpnonce = WINP\_Plugin::app()->request->get( '\_wpnonce', '' );

138

138

139

 

                if ( ( ! empty( $wpnonce ) && ! wp\_verify\_nonce( $wpnonce, 'wbcr\_inp\_snippert\_' . $post\_id . '\_action\_nonce' ) ) || ! WINP\_Plugin::app()->currentUserCan() ) {

 

139

                if ( ! wp\_verify\_nonce( $wpnonce, 'wbcr\_inp\_snippert\_' . $post\_id . '\_action\_nonce' ) || ! WINP\_Plugin::app()->currentUserCan() ) {

140

140

                    wp\_die( 'Permission error. You can not edit this page.' );

141

141

                }
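Review bot: the removed condition only rejects a request when a nonce is present and fails verification, so an empty `_wpnonce` skips `wp_verify_nonce()` entirely and the request is gated by `currentUserCan()` alone; that is the CSRF path in the advisory, because a forged request carried by a logged-in administrator's browser satisfies the capability check. The added line verifies unconditionally, and `wp_verify_nonce()` returns false for an empty nonce, so the fix closes the gap. Leaving the action string `'wbcr_inp_snippert_' . $post_id . '_action_nonce'` untouched (including its `snippert` spelling) is correct, since it must match the string the nonce was created with. One small point: `wp_die( 'Permission error. You can not edit this page.' )` is now reached for nonce failures as well as capability failures; a distinct message for an invalid or expired nonce would help an administrator who hits it legitimately.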

…

…

 

241

241

                if ( WINP\_Plugin::app()->getExecuteObject()->getSnippetError( $snippet\_id ) ) {

242

242

                    wp\_send\_json( \[

243

 

                            'alert' \=> true,

 

243

                            'alert'         \=> true,

244

244

                            'error\_message' => \_\_( "The snippet is not activated because errors were detected in the snippet code!", 'insert-php' ),

245

245

                        \]
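Review bot: this region is a whitespace-only change (aligning `'alert' => true` with the `'error_message'` key) unrelated to the nonce fix. Bundling cosmetic edits into a security hot-fix changeset makes the diff harder to review and to backport cleanly; prefer a separate formatting commit.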
  • insert-php/trunk/insert_php.php

    r2365771

    r2368332

5

5

 \* Description: Executes PHP code, uses conditional logic to insert ads, text, media content and external service’s code. Ensures no content duplication.

6

6

 \* Author: Will Bontrager Software, LLC <[email protected]>, Webcraftic <[email protected]>

7

 

 \* Version: 2.3.9

 

7

 \* Version: 2.3.10

8

8

 \* Text Domain: insert-php

9

9

 \* Domain Path: /languages/
  • insert-php/trunk/readme.txt

    r2365771

    r2368332

213

213

214

214

\== Changelog ==

 

215

\= 2.3.10 =

 

216

\* Fixed: Hot fix

 

217

215

218

\= 2.3.9 =

216

219

\* Fixed: jQuery.fn.load() and other bugs after update to Wordpress 5.5
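Review bot: the new 2.3.10 entry `* Fixed: Hot fix` says nothing about what was fixed. Since this changeset corrects the nonce check in `class.snippets.viewtable.php`, the entry should say so (for example "Fixed: missing nonce verification on snippet activate/deactivate actions") so that site owners reading the changelog can tell the update is security-relevant and should not be deferred.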
