CVE-2023-3977

Summary

Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for unauthenticated attackers to install plugins from the limited list via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Affected Software

VendorProductVersion RangeStatus
inisevRedirection0 <= 1.1.3affected
inisevPop-up0 <= 1.1.9affected
inisevBackupBliss – Backup & Migration with Free Cloud Storage0 <= 1.2.7affected
inisevDuplicate Post0 <= 1.3.9affected
cl272Enhanced Text Widget0 <= 1.5.7affected
cl272Ultimate Posts Widget0 <= 2.2.4affected
migrateClone0 <= 2.3.7affected
inisevSocial Media Share Buttons & Social Sharing Icons0 <= 2.8.1affected
steve85bSSL Mixed Content Fix0 <= 3.2.3affected
inisevSocial Share Icons & Social Share Buttons0 <= 3.5.7affected
s-feedsRSS Redirect & Feedburner Alternative0 <= 3.7affected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References