CVE-2020-36737: Changeset 2368366 for astra-import-export – WordPress Plugin Repository
The Import / Export Customizer Settings plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.3. The cause is an incorrect nonce check in the astra_admin_errors() function: the handler only returned early when a _wpnonce parameter was present and invalid, so a forged request that simply omitted the parameter passed the check. This makes it possible for unauthenticated attackers to display an import-status notice via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link. Version 1.0.4 (this changeset) returns early whenever the nonce is missing or invalid.
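To make the bypass concrete, here is an added example (my code, not the plugin's or WordPress's) that evaluates the 1.0.3 and 1.0.4 forms of the check from astra_admin_errors() against three constructed requests. It runs outside WordPress, so wp_create_nonce() and wp_verify_nonce() are replaced by a simplified stand-in of the same shape (a truncated HMAC over tick, action and user id, with the previous tick still accepted); the salt, the user id and the request arrays are constructed values, and the function names other than the nonce action are mine.

```php
<?php
// Added example, not code from the astra-import-export plugin or WordPress.
// It evaluates the 1.0.3 and 1.0.4 forms of the nonce check in
// astra_admin_errors() against constructed requests. wp_create_nonce() and
// wp_verify_nonce() are replaced by a simplified stand-in of the same shape:
// a truncated HMAC over tick|action|user, valid for the current and previous tick.

const NONCE_SALT   = 'constructed-salt-not-a-real-secret'; // assumption: stands in for the WordPress nonce salt
const NONCE_LIFE   = 86400;                                 // WordPress default nonce life, one day
const CURRENT_USER = 1;                                     // assumption: an administrator is logged in
const ACTION       = 'astra-import-complete';               // the nonce action used in the changeset

// Half-life ticks, the way WordPress rotates nonces.
function nonce_tick(): int {
    return (int) ceil(time() / (NONCE_LIFE / 2));
}

function nonce_for_tick(int $tick, string $action): string {
    return substr(hash_hmac('md5', $tick . '|' . $action . '|' . CURRENT_USER, NONCE_SALT), -12, 10);
}

function create_nonce(string $action): string {
    return nonce_for_tick(nonce_tick(), $action);
}

// Accepts the nonce for the current or the previous tick, like wp_verify_nonce().
function verify_nonce(string $nonce, string $action): bool {
    $tick = nonce_tick();
    return hash_equals(nonce_for_tick($tick, $action), $nonce)
        || hash_equals(nonce_for_tick($tick - 1, $action), $nonce);
}

// 1.0.3 predicate: return early only when a nonce is present AND invalid.
// A request with no _wpnonce at all never reaches the return.
function returns_early_1_0_3(array $get): bool {
    return isset($get['_wpnonce']) && !verify_nonce($get['_wpnonce'], ACTION);
}

// 1.0.4 predicate: return early when the nonce is absent OR invalid.
function returns_early_1_0_4(array $get): bool {
    return !isset($get['_wpnonce']) || !verify_nonce($get['_wpnonce'], ACTION);
}

// Constructed $_GET arrays: a forged link that omits the nonce, a forged link
// carrying a guessed nonce, and a link generated for the logged-in user.
$requests = [
    'no nonce'    => [],
    'wrong nonce' => ['_wpnonce' => '0123456789'],
    'valid nonce' => ['_wpnonce' => create_nonce(ACTION)],
];

foreach ($requests as $label => $get) {
    printf("%-12s 1.0.3 returns early: %-4s 1.0.4 returns early: %s\n",
        $label,
        returns_early_1_0_3($get) ? 'yes' : 'no',
        returns_early_1_0_4($get) ? 'yes' : 'no');
}
```

Run it with the php CLI. The first row is the bug: with no _wpnonce parameter at all, the 1.0.3 predicate is false and the handler carries on to render the notice, while the 1.0.4 predicate returns early; the other two rows behave the same under both versions. Note that even the corrected check only proves the request came from a page WordPress rendered for that user. A nonce is not authorization, so in the real handler it should sit next to a current_user_can() check.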
Timestamp:
08/25/2020 06:56:40 AM
Author:
brainstormworg
Message:
Update to version 1.0.4 from GitHub
Location:
astra-import-export
Files:
- tags/1.0.4 (copied from astra-import-export/trunk)
- tags/1.0.4/astra-import-export.php (2 diffs)
- tags/1.0.4/inc/classes/class-astra-import-export-loader.php (1 diff)
- tags/1.0.4/languages/astra-import-export.pot (1 diff)
- tags/1.0.4/readme.txt (2 diffs)
- trunk/astra-import-export.php (2 diffs)
- trunk/inc/classes/class-astra-import-export-loader.php (1 diff)
- trunk/languages/astra-import-export.pot (1 diff)
- trunk/readme.txt (2 diffs)
astra-import-export/tags/1.0.4/astra-import-export.php
r2307073
r2368366
4
4
\* Plugin URI: https://wpastra.com/
5
5
\* Description: This plugin is an add-on for the Astra WordPress Theme. It will help in Import Export Customizer settings.
6
\* Version: 1.0.3
6
\* Version: 1.0.4
7
7
\* Author: Brainstorm Force
8
8
\* Author URI: http://www.brainstormforce.com
…
…
19
19
\* Set constants.
20
20
\*/
21
define( 'ASTRA\_IMPORT\_EXPORT\_VER', '1.0.3' );
21
define( 'ASTRA\_IMPORT\_EXPORT\_VER', '1.0.4' );
22
22
define( 'ASTRA\_IMPORT\_EXPORT\_FILE', \_\_FILE\_\_ );
23
23
define( 'ASTRA\_IMPORT\_EXPORT\_BASE', plugin\_basename( ASTRA\_IMPORT\_EXPORT\_FILE ) );
astra-import-export/tags/1.0.4/inc/classes/class-astra-import-export-loader.php
r2307073
r2368366
103
103
public function astra\_admin\_errors() {
104
104
// Verify correct source for the $\_GET data.
105
if ( isset( $\_GET\['\_wpnonce'\] ) && ! wp\_verify\_nonce( $\_GET\['\_wpnonce'\], 'astra-import-complete' ) ) {
105
if ( ! isset( $\_GET\['\_wpnonce'\] ) || ! wp\_verify\_nonce( $\_GET\['\_wpnonce'\], 'astra-import-complete' ) ) {
106
106
return;
107
107
}
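Review bot: line 105 now returns early when _wpnonce is absent as well as when it is invalid, which is the actual defect: with the old isset( ... ) && ! wp_verify_nonce( ... ) form, a forged link that simply left the parameter out never reached the return and the notice was rendered. Two follow-ups. First, nothing in these lines gates the handler on a capability, and a nonce only proves the request originated from a page this site rendered for this user, not that the user is allowed to perform the action, so pair the nonce check with current_user_can() (whatever capability the import itself requires) before trusting any other $_GET parameter the function reads. Second, the comment on line 104 still only says "Verify correct source"; now that the absent-nonce case is the one that matters, it should state that a missing or invalid nonce makes the function return without output.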
astra-import-export/tags/1.0.4/languages/astra-import-export.pot
r2307073
r2368366
3
3
msgid ""
4
4
msgstr ""
5
"Project-Id-Version: Import / Export Customizer Settings 1.0.3\\n"
5
"Project-Id-Version: Import / Export Customizer Settings 1.0.4\\n"
6
6
"Report-Msgid-Bugs-To: "
7
7
"https://wordpress.org/support/plugin/astra-import-export\\n"
8
"POT-Creation-Date: 2020-05-18 07:08:21+00:00\\n"
8
"POT-Creation-Date: 2020-08-25 06:06:31+00:00\\n"
9
9
"MIME-Version: 1.0\\n"
10
10
"Content-Type: text/plain; charset=utf-8\\n"
astra-import-export/tags/1.0.4/readme.txt
r2359689
r2368366
4
4
Requires at least: 4.4
5
5
Tags: astra addons export, import, settings, customizer settings, theme settings, theme options
6
Stable tag: 1.0.3
6
Stable tag: 1.0.4
7
7
Requires PHP: 5.4
8
8
Tested up to: 5.5
…
…
43
43
\== Changelog ==
44
44
45
\= 1.0.4 =
46
\- Fix: Security hardening.
47
45
48
\= 1.0.3 =
46
49
\- Improvement: Compatibility with latest WordPress PHP\_CodeSniffer rules.
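Review bot: the 1.0.4 changelog entry on line 46, "Fix: Security hardening.", does not tell a site owner what was fixed or how urgently to update; name the issue class and the affected code, e.g. "Fix: CSRF in the import-complete admin notice (astra_admin_errors() now rejects requests with a missing nonce, not only an invalid one)." The same wording should go in the trunk readme, which carries an identical entry.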
astra-import-export/trunk/astra-import-export.php
r2307073
r2368366
4
4
\* Plugin URI: https://wpastra.com/
5
5
\* Description: This plugin is an add-on for the Astra WordPress Theme. It will help in Import Export Customizer settings.
6
\* Version: 1.0.3
6
\* Version: 1.0.4
7
7
\* Author: Brainstorm Force
8
8
\* Author URI: http://www.brainstormforce.com
…
…
19
19
\* Set constants.
20
20
\*/
21
define( 'ASTRA\_IMPORT\_EXPORT\_VER', '1.0.3' );
21
define( 'ASTRA\_IMPORT\_EXPORT\_VER', '1.0.4' );
22
22
define( 'ASTRA\_IMPORT\_EXPORT\_FILE', \_\_FILE\_\_ );
23
23
define( 'ASTRA\_IMPORT\_EXPORT\_BASE', plugin\_basename( ASTRA\_IMPORT\_EXPORT\_FILE ) );
astra-import-export/trunk/inc/classes/class-astra-import-export-loader.php
r2307073
r2368366
103
103
public function astra\_admin\_errors() {
104
104
// Verify correct source for the $\_GET data.
105
if ( isset( $\_GET\['\_wpnonce'\] ) && ! wp\_verify\_nonce( $\_GET\['\_wpnonce'\], 'astra-import-complete' ) ) {
105
if ( ! isset( $\_GET\['\_wpnonce'\] ) || ! wp\_verify\_nonce( $\_GET\['\_wpnonce'\], 'astra-import-complete' ) ) {
106
106
return;
107
107
}
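Review bot: same two-line change as in the tags/1.0.4 copy of this file; one style point on line 105: $_GET['_wpnonce'] is passed to wp_verify_nonce() raw, whereas the WordPress coding standards the 1.0.3 changelog entry below says this plugin follows expect request input to be unslashed and sanitized first, e.g. wp_verify_nonce( sanitize_text_field( wp_unslash( $_GET['_wpnonce'] ) ), 'astra-import-complete' ). Doing it here keeps the PHPCS run clean and makes the nonce line consistent with however the rest of the function reads $_GET.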
astra-import-export/trunk/languages/astra-import-export.pot
r2307073
r2368366
3
3
msgid ""
4
4
msgstr ""
5
"Project-Id-Version: Import / Export Customizer Settings 1.0.3\\n"
5
"Project-Id-Version: Import / Export Customizer Settings 1.0.4\\n"
6
6
"Report-Msgid-Bugs-To: "
7
7
"https://wordpress.org/support/plugin/astra-import-export\\n"
8
"POT-Creation-Date: 2020-05-18 07:08:21+00:00\\n"
8
"POT-Creation-Date: 2020-08-25 06:06:31+00:00\\n"
9
9
"MIME-Version: 1.0\\n"
10
10
"Content-Type: text/plain; charset=utf-8\\n"
astra-import-export/trunk/readme.txt
r2359689
r2368366
4
4
Requires at least: 4.4
5
5
Tags: astra addons export, import, settings, customizer settings, theme settings, theme options
6
Stable tag: 1.0.3
6
Stable tag: 1.0.4
7
7
Requires PHP: 5.4
8
8
Tested up to: 5.5
…
…
43
43
\== Changelog ==
44
44
45
\= 1.0.4 =
46
\- Fix: Security hardening.
47
45
48
\= 1.0.3 =
46
49
\- Improvement: Compatibility with latest WordPress PHP\_CodeSniffer rules.