CVE-2021-25052: Changeset 2641639 for button-generation – WordPress Plugin Repository

The Button Generator WordPress plugin before 2.3.3, within the wow-company admin menu page, allows include() of an arbitrary file with a PHP extension (as well as via the data:// or http:// protocols), thus leading to CSRF RCE.

Category: CVE. Tags: #csrf #web
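A hardened form of the tab selection that this changeset removes, added here as an example; it is not code from the plugin or from the changeset. It assumes PHP 7+ and invents the helper names `resolve_about_tab` and `about_tab_file`, the `ABOUT_TABS` allowlist and the sample paths.

```php
<?php
// Added example, not the plugin's own code. Pure PHP 7+, no WordPress loaded:
// the WordPress calls the real page callback would use are named in comments.
// Vulnerable pattern (old main.php): $current came from $_GET['tab'] via
// sanitize_text_field(), then include( $current . '.php' ). That sanitizer
// strips tags and control characters but keeps "../", "data://" and "http://",
// so the request picked the file. Hardened form: the request value is only a
// key into a fixed allowlist and is never concatenated into a path.

const ABOUT_TABS = array(                 // tab key => file in includes/about/
    'wow-plugins' => 'wow-plugins.php',
);
const DEFAULT_TAB = 'wow-plugins';

/** Allowlisted tab key for a request; anything else falls back to the default. */
function resolve_about_tab( array $get ): string {
    $requested = isset( $get['tab'] ) ? (string) $get['tab'] : DEFAULT_TAB;
    return array_key_exists( $requested, ABOUT_TABS ) ? $requested : DEFAULT_TAB;
}

/** Absolute path to include for a request; always a file inside $base_dir. */
function about_tab_file( array $get, string $base_dir ): string {
    return rtrim( $base_dir, '/' ) . '/' . ABOUT_TABS[ resolve_about_tab( $get ) ];
}

// Constructed sample requests (hypothetical values): every value that is not an
// allowlisted key, including the traversal and wrapper forms named in the CVE,
// resolves to the default tab file.
$samples = array(
    array(),
    array( 'tab' => 'wow-plugins' ),
    array( 'tab' => '../../wp-config' ),
    array( 'tab' => 'data://text/plain,' ),
    array( 'tab' => 'http://example.invalid/' ),
);
$base = '/srv/wp/wp-content/plugins/button-generation/includes/about'; // hypothetical
foreach ( $samples as $get ) {
    printf( "%-32s -> %s\n", var_export( $get['tab'] ?? null, true ),
        about_tab_file( $get, $base ) );
}
// In the WordPress page callback: guard with current_user_can( 'manage_options' ),
// keep check_admin_referer() on any state-changing action, then
//   include about_tab_file( $_GET, __DIR__ );
```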

button-generation/trunk/Readme.txt

r2640129

r2641639

6

6

Tested up to: 5.8

7

7

Requires PHP: 5.3

8

Stable tag: 2.3.2

8

Stable tag: 2.3.3

9

9

License: GPLv2 or later

10

10

License URI: http://www.gnu.org/licenses/gpl-2.0.html

51

51

52

52

== Changelog ==

53

= 2.3.3 =

54

* Fixed: minor buf on plugin main page

55

53

56

= 2.3.2 =

54

57

* Fixed: fixed minor bug;
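Review bot: the 2.3.3 changelog entry `* Fixed: minor buf on plugin main page` has a typo ("bug") and, more importantly, does not tell site owners what they are updating for: the same changeset removes a user-controlled `include()` from the admin about page, so the entry should identify the release as a security fix so that the update is prioritised. The `Stable tag` and `Version` bumps to 2.3.3 are consistent with each other.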

button-generation/trunk/button-generation.php

r2640129

r2641639

4

4

* Plugin URI: https://wordpress.org/plugins/button-generation/

5

5

* Description: Easy generation of custom buttons.

6

* Version: 2.3.2

6

* Version: 2.3.3

7

7

* Author: Wow-Company

8

8

* Author URI: https://wow-estore.com/

69

69

                    'prefix'    => self::PREF, // Prefix for database

70

70

                    'text'      => 'button\_generator',    // Text domain for translate files

71

                    'version'   => '2.3.2', // Current version of the plugin

71

                    'version'   => '2.3.3', // Current version of the plugin

72

72

                    'file'      => \_\_FILE\_\_, // Main file of the plugin

73

73

                    'slug'      => dirname( plugin\_basename( \_\_FILE\_\_ ) ), // Name of the plugin folder

button-generation/trunk/includes/about/main.php

r2422113

r2641639

17

17

?>

18

18

<style>

19

.about-wrap .wow-badge {

20

position: absolute;

21

top: 0;

22

right: 0;

23

}

19

.about-wrap .wow-badge {

20

    position: absolute;

21

    top: 0;

22

    right: 0;

23

}

24

24

25

.wow-badge {

26

background: url(<?php echo esc\_url( $logo );?>) center 15px no-repeat #1f9ef8;

27

background-size: 100px 100px;

28

color: #ffffff;

29

font-size: 14px;

30

text-align: center;

31

font-weight: 600;

32

margin: 5px 0 0;

33

padding-top: 120px;

34

height: 40px;

35

display: inline-block;

36

width: 140px;

37

text-rendering: optimizeLegibility;

38

box-shadow: 0 1px 3px rgba(0, 0, 0, .2);

39

}

25

.wow-badge {

26

    background: url(<?php echo esc\_url( $logo );?>) center 15px no-repeat #1f9ef8;

27

    background-size: 100px 100px;

28

    color: #ffffff;

29

    font-size: 14px;

30

    text-align: center;

31

    font-weight: 600;

32

    margin: 5px 0 0;

33

    padding-top: 120px;

34

    height: 40px;

35

    display: inline-block;

36

    width: 140px;

37

    text-rendering: optimizeLegibility;

38

    box-shadow: 0 1px 3px rgba(0, 0, 0, .2);

39

}

40

40

41

.wow-subscribe {

42

padding: 5px 7px;

43

border-radius: 5px;

44

border: 1px solid #ccc;

45

text-decoration: none;

46

font-size: 14px;

47

line-height: 14px;

48

color: #999;

49

}

41

.wow-subscribe {

42

    padding: 5px 7px;

43

    border-radius: 5px;

44

    border: 1px solid #ccc;

45

    text-decoration: none;

46

    font-size: 14px;

47

    line-height: 14px;

48

    color: #999;

49

}

50

50

51

.wow-subscribe::before {

52

font-family: dashicons;

53

font-size: 12px;

54

line-height: 14px;

55

}

51

.wow-subscribe::before {

52

    font-family: dashicons;

53

    font-size: 12px;

54

    line-height: 14px;

55

}

56

56

57

.button-pro {

58

vertical-align: top;

59

display: inline-block;

60

text-decoration: none;

61

font-size: 13px;

62

line-height: 26px;

63

height: 28px;

64

margin: 0;

65

padding: 0 10px 1px;

66

cursor: pointer;

67

border-width: 0;

68

border-style: solid;

69

\-webkit-appearance: none;

70

\-webkit-border-radius: 3px;

71

border-radius: 3px;

72

white-space: nowrap;

73

\-webkit-box-sizing: border-box;

74

\-moz-box-sizing: border-box;

75

box-sizing: border-box;

76

color: #fff !important;

77

background: #37c781;

78

}

57

.button-pro {

58

    vertical-align: top;

59

    display: inline-block;

60

    text-decoration: none;

61

    font-size: 13px;

62

    line-height: 26px;

63

    height: 28px;

64

    margin: 0;

65

    padding: 0 10px 1px;

66

    cursor: pointer;

67

    border-width: 0;

68

    border-style: solid;

69

    \-webkit-appearance: none;

70

    \-webkit-border-radius: 3px;

71

    border-radius: 3px;

72

    white-space: nowrap;

73

    \-webkit-box-sizing: border-box;

74

    \-moz-box-sizing: border-box;

75

    box-sizing: border-box;

76

    color: #fff !important;

77

    background: #37c781;

78

}

79

79

80

.button-pro:hover {

81

background: #303030;

82

}

80

.button-pro:hover {

81

    background: #303030;

82

}

83

83

84

.button-pro:active {

85

background: #303030;

86

}

87

.wow-thank-you {

88

color: #777777;

89

font-style: italic;

90

}

84

.button-pro:active {

85

    background: #303030;

86

}

87

88

.wow-thank-you {

89

    color: #777777;

90

    font-style: italic;

91

}

92

91

93

.about-wrap {

92

    margin: 0 auto;

94

    margin: 0 auto 3rem;

93

95

}

94

96

</style>
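Review bot: lines 19–94 of main.php are a whitespace-only reindent of the `<style>` block (identical declarations with four spaces of indentation added), bundled into the same changeset as a security fix; the only functional CSS change in this region, `.about-wrap { margin: 0 auto; }` becoming `margin: 0 auto 3rem;`, is easy to miss among that noise. Keeping cosmetic reformatting in a separate commit would let reviewers and site owners see the actual fix at a glance.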

96

98

97

99

<div class="wrap full-width-layout">

98

<div class="about-wrap">

100

<div class="about-wrap">

99

101

100

102

101

<h1><?php esc_attr_e( 'Welcome’, $this->text_domain ); ?> </h1>

103

    <h1><?php esc\_attr\_e( 'Welcome', $this->text\_domain ); ?> </h1>

102

104

103

<p class="about-text">

104

    <?php esc\_attr\_e( 'Congratulations! You are about to use one of the plugins from Wow-Company.', $this->text\_domain ); ?> </p>

105

<p>

106

<a href="https://www.facebook.com/wowaffect/" class="wow-subscribe" target="\_blank">Stay in touch <span

107

    class="dashicons dashicons-facebook-alt"></span></a>

108

</p>

109

<span class="wow-badge">Wow-Company</span>

110

</div>

111

<?php

112

$current = ( isset( $\_GET\['tab'\] ) ) ? sanitize\_text\_field( wp\_unslash( $\_GET\['tab'\] ) ) : 'wow-plugins';

113

$tabs    = array(

114

    'wow-plugins' => \_\_( 'Plugins', $this->text\_domain ),

105

    <p class="about-text">

106

        <?php esc\_attr\_e( 'Congratulations! You are about to use one of the plugins from Wow-Company.', $this->text\_domain ); ?>

107

    </p>

108

    <p>Several plugins below has free and pro versions you can install it and hopefully useful. Enjoy it.</p>

109

    <span class="wow-badge">Wow-Company</span>

110

</div>

111

<div class="stem-content">

112

    <?php include( 'wow-plugins.php' ); ?>

113

</div>

115

114

116

);

117

118

echo '<h2 class="nav-tab-wrapper wp-clearfix">';

119

foreach ( $tabs as $tab => $name ) {

120

    $class = ( $tab === $current ) ? ' nav-tab-active' : '';

121

    echo '<a class="nav-tab' . esc\_attr( $class ) . '" href="?page=wow-company&tab=' . esc\_attr( $tab ) . '">' .

122

         esc\_attr( $name ) . '</a>';

123

}

124

echo '</h2>';

125

126

echo '<div class="stem-content">';

127

include( $current . '.php' );

128

echo '</div>';

129

?>

130

115

</div>

131

116
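Review bot: the fix is sound, but the root cause deserves a note for future maintainers. On the old side, `$current` is taken from `$_GET['tab']` through `sanitize_text_field( wp_unslash( ... ) )` and then passed straight to `include( $current . '.php' );`. `sanitize_text_field()` strips tags and control characters but does not reject `../`, `data://` or `http://`, so the request value selected the file to include (the stream-wrapper forms additionally depending on `allow_url_include`), and the `$tabs` array was only consulted for the `nav-tab-active` CSS class, never to validate `$current`. The new side drops the parameter and hardcodes `include( 'wow-plugins.php' );`, which closes the hole. If tabs are reintroduced, validate with `array_key_exists( $current, $tabs )` and fall back to the default rather than relying on sanitization. Minor: the new user-facing copy "Several plugins below has free and pro versions you can install it and hopefully useful." is ungrammatical; "Several of the plugins below have free and pro versions; install them and enjoy." reads better.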

button-generation/trunk/includes/about/wow-plugins.php

r2422113

r2641639

71

71

}

72

72

</style>

73

<h3>Several plugins below has free and pro versions you can install it and hopefully useful. Enjoy it.</h3>

73

74

74

75

75

<div class="theme-browser">
