Date: Sun, 24 May 2015 07:20:32 +0200
From: 0pc0deFR <0pc0defr@...il.com>
To: OSS Securty <oss-security@...ts.openwall.com>
Cc: cve-assign@...re.org
Subject: CVE Request for WP Fastest Cache plugin

A CSRF vulnerability was found in the WP Fastest Cache 0.8.3.4 plugin.

The vuln is found in admin.php:
        // Vulnerable dispatcher (0.8.3.4): the only gate before the state-changing
        // handlers is a match on REQUEST_URI. There is no nonce check
        // (wp_verify_nonce/check_admin_referer) and no capability check, so any
        // POST the logged-in admin's browser is made to send to this admin URL is
        // dispatched to saveOption()/deleteCache()/... - the CSRF.
        public function optionsPageRequest(){
            if(!empty($_POST)){
                if(isset($_POST["wpFastestCachePage"])){
                    if(preg_match("/admin\.php\?page=WpFastestCacheOptions/", $_SERVER["REQUEST_URI"])){
                        if($_POST["wpFastestCachePage"] == "options"){
                            $this->saveOption();
                        }else if($_POST["wpFastestCachePage"] == "deleteCache"){
                            $this->deleteCache();
                        }else if($_POST["wpFastestCachePage"] == "deleteCssAndJsCache"){
                            $this->deleteCssAndJsCache();
                        }else if($_POST["wpFastestCachePage"] == "cacheTimeout"){
                            $this->addCacheTimeout();
                        }
                    }else{
                        // Only reached when the request is not for the options page.
                        die("Forbidden");
                    }
                }
            }
        }

The vuln is patched in version 0.8.3.5.

--
Regards,

Kévin FALCOZ aka 0pc0deFR - WordPress Expert Consultant -
http://wordpress-expertise.fr

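Added example, not the plugin's code and not necessarily how 0.8.3.5 fixed it: the same dispatcher hardened with WordPress's capability and nonce checks, so a forged cross-site POST is rejected before any handler runs. The nonce action name, the class name and the render_form_nonce() helper are assumptions; saveOption() and the other handlers are the plugin's existing methods and are not shown.

```php
<?php
// Hardened version of optionsPageRequest() (example, not the plugin's patch).
class WpFastestCacheOptionsExample {
    // Nonce action name is an assumption chosen for this example.
    const NONCE_ACTION = 'wpfc_options_page';

    // The settings form must emit the nonce field so that legitimate
    // submissions carry a secret bound to the logged-in user's session.
    // A third-party page cannot read this value, so its forged form fails.
    public function render_form_nonce() {
        wp_nonce_field(self::NONCE_ACTION, '_wpnonce');
    }

    public function optionsPageRequest() {
        if (empty($_POST) || !isset($_POST['wpFastestCachePage'])) {
            return;
        }
        // Keep the original page check: it only proves which admin page the
        // request targets, it says nothing about who caused the browser to send it.
        if (!preg_match('/admin\.php\?page=WpFastestCacheOptions/', $_SERVER['REQUEST_URI'])) {
            die('Forbidden');
        }
        // 1. Authorisation: only users allowed to manage settings may reach the handlers.
        if (!current_user_can('manage_options')) {
            wp_die('Forbidden', '', array('response' => 403));
        }
        // 2. CSRF defence: the POST must carry a valid nonce for this action.
        //    check_admin_referer() dies with "The link you followed has expired"
        //    on failure and also verifies the HTTP referer is an admin URL.
        check_admin_referer(self::NONCE_ACTION, '_wpnonce');

        // Only now dispatch the state-changing actions.
        switch ($_POST['wpFastestCachePage']) {
            case 'options':             $this->saveOption();          break;
            case 'deleteCache':         $this->deleteCache();         break;
            case 'deleteCssAndJsCache': $this->deleteCssAndJsCache(); break;
            case 'cacheTimeout':        $this->addCacheTimeout();     break;
            default:                    die('Forbidden');
        }
    }
}
```

A quick review check for this class of bug: grep the plugin for every handler reached from $_POST/$_GET and confirm a wp_verify_nonce() or check_admin_referer() call precedes each state change.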
