Description

The Games Catalog plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the gc_crud() function which handles the delete action (action=delete) via a GET request without any wp_verify_nonce() / check_admin_referer() call. This makes it possible for unauthenticated attackers to delete arbitrary game catalog entries (including the associated WordPress post created for the game) via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.

Type de vulnérabilité

• CWE-352

Vecteur d'attaque

Complexité : LOW

Privilèges requis : NONE

Interaction utilisateur : REQUIRED

Impact

• Confidentialité : NONE
• Intégrité : LOW
• Disponibilité : NONE

Recommandations

Appliquer les correctifs de sécurité fournis par le vendeur dès que possible.