3DPrint < 3.5.6.9 - CSRF to arbitrary file downlad

The 3DPrint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will create an archive of any files or directories on the target server by tricking a logged in admin into submitting a form. Furthermore the created archive has a predictable location and name, allowing the attacker to download the file if they know the time at which the form was submitted, making it possible to leak sensitive files like the WordPress configuration containing database credentials and secrets.

N/A

N/A

WordPress plugin 3DPrint 跨站请求伪造漏洞

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin 3DPrint 3.5.6.9之前版本存在跨站请求伪造漏洞，该漏洞源于无法防止CSRF攻击，从而允许攻击者制作恶意请求，在目标服务器上创建任何文件或目录的存档。

N/A

N/A