CVE-2022-0313: Changeset 2661431 – WordPress Plugin Repository

The Float menu WordPress plugin before 4.3.1 does not have a CSRF check in place when deleting a menu, which could allow attackers to make a logged-in admin delete one via a CSRF attack.


  • float-menu/trunk/README.txt

    r2643285

    r2661431

6

6

Tested up to: 5.8

7

7

Requires PHP: 5.6

8

 

Stable tag: 4.3

 

8

Stable tag: 4.3.1

9

9

License: GPLv2 or later

10

10

License URI: http://www.gnu.org/licenses/gpl-2.0.html

…

…

 

104

104

105

105

\== Changelog ==

 

106

\= 4.3.1 =

 

107

Fixed: security update

 

108

106

109

\= 4.3 =

107

110

\* Added: added the ability to add a shortcode to pages
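Review bot: the 4.3.1 changelog entry "Fixed: security update" does not say what was fixed or why the update matters; since this release closes a CSRF hole in the menu delete action, state that plainly (for example "Fixed: added nonce verification to the menu delete action (CSRF)") so that site owners and scanners can tell that upgrading is security-relevant rather than cosmetic.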
  • float-menu/trunk/admin/class-list-table.php

    r2612923

    r2661431

114

114

            'duplicate' => '<a href="' . esc\_url( $duplicate\_url ) . '" style="color:green;">' . esc\_attr\_\_( 'Duplicate', $this->plugin\['text'\] )

115

115

                           . '</a>',

116

 

            'delete'    => '<a href="' . esc\_url( $delete\_url ) . '" style="color:red;">' . esc\_attr\_\_( 'Delete', $this->plugin\['text'\] ) . '</a>',

 

116

            'delete'    => '<a href="' . esc\_url( wp\_nonce\_url($delete\_url, $slug . '\_nonce' ) ) . '" style="color:red;">' . esc\_attr\_\_( 'Delete', $this->plugin\['text'\] ) . '</a>',

117

117

        );

118

118
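Review bot: the nonce action used to sign the delete link is `$slug . '_nonce'`, but the verification side in page-main.php checks against `$this->plugin['slug'] . '_nonce'`; nothing in this hunk shows where `$slug` comes from, and if it is not exactly `$this->plugin['slug']` the two strings will never match and every delete will fail verification. Build the action from one source in both places (`$this->plugin['slug'] . '_nonce'`) so the link and the check cannot drift apart. Separately, wrapping the link with `wp_nonce_url()` is the right CSRF fix, but the delete still runs on a plain GET link; moving the action to a POST form (or at least keeping the nonce as the only way to reach it) avoids the destructive action being triggered by link prefetching or history navigation.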
  • float-menu/trunk/admin/page-main.php

    r2612923

    r2661431

24

24

} elseif ( $info == 'delete' ) {

25

25

    $delid = absint( $\_GET\['did'\] );

26

 

    $wpdb->delete( $data, \[ 'id' => $delid \], \[ '%d' \] );

27

 

    echo '<div class="updated" id="message"><p><strong>' . esc\_attr\_\_( 'Item Deleted', $this->plugin\['text'\] ) . '</strong>.</p></div>';

 

26

    if ( ! empty( $\_GET\['\_wpnonce'\] ) && wp\_verify\_nonce( $\_GET\['\_wpnonce'\], $this->plugin\['slug'\] . '\_nonce' ) ) {

 

27

        $wpdb->delete( $data, \[ 'id' => $delid \], \[ '%d' \] );

 

28

        echo '<div class="updated" id="message"><p><strong>' . esc\_attr\_\_( 'Item Deleted', $this->plugin\['text'\] ) . '</strong>.</p></div>';

 

29

    }

 

30

28

31

}

29

32
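Review bot: when `wp_verify_nonce()` fails, the new `if` simply skips the delete and falls through with no message, so a stale or missing nonce produces a silent no-op that is hard to distinguish from a successful request; `check_admin_referer( $this->plugin['slug'] . '_nonce' )` would verify the same action name and stop with a clear "link has expired" error instead. The nonce value is also read straight from `$_GET['_wpnonce']` without `wp_unslash()`/`sanitize_text_field()`, which WordPress coding standards expect for request input. Finally, nothing in this hunk shows a capability check (`current_user_can()`) around the delete; a nonce proves the request was intended, not that the user is allowed to delete menus, so confirm that the capability check exists higher up or add one here.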
  • float-menu/trunk/float-menu.php

    r2643285

    r2661431

4

4

 \* Plugin URI:        https://wordpress.org/plugins/float-menu/

5

5

 \* Description:       Easily create floating menus of varying complexity

6

 

 \* Version:           4.3

 

6

 \* Version:           4.3.1

7

7

 \* Author:            Wow-Company

8

8

 \* Author URI:        https://wow-estore.com

…

…

 

57

57

                        'prefix'    => self::PREF, // Prefix for database

58

58

                        'text'      => 'float-menu',    // Text domain for translate files

59

 

                        'version'   => '4.3', // Current version of the plugin

 

59

                        'version'   => '4.3.1', // Current version of the plugin

60

60

                        'file'      => \_\_FILE\_\_, // Main file of the plugin

61

61

                        'slug'      => dirname( plugin\_basename( \_\_FILE\_\_ ) ), // Name of the plugin folder
