WP DSGVO Tools (GDPR) <= 3.1.23 Unauthenticated Arbitrary Post Deletion

WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, ‘admin-dismiss-unsubscribe‘, which lacked a capability check and a nonce check and was available to unauthenticated users, and did not check the post type when deleting unsubscription requests. As such, it was possible for an attacker to permanently delete an arbitrary post or page on the site by sending an AJAX request with the “action” parameter set to “admin-dismiss-unsubscribe” and the “id” parameter set to the post to be deleted. Sending such a request would move the post to the trash, and repeating the request would permanently delete the post in question.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

访问控制不恰当

WordPress 访问控制错误漏洞

WordPress是WordPress（Wordpress）基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress DSGVO Tools 3.1.23及之前版本存在访问控制错误漏洞，该漏洞源于应用缺少能力检查和随机数检查，可供未经身份验证的用户使用，并且在删除取消订阅时不检查帖子类型要求。

N/A

N/A