admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 18:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-5772.md
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

1013 B
Raw Blame History

CVE-2023-5772

Description

The Debug Log Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. This is due to missing or incorrect nonce validation on the clear_log() function. This makes it possible for unauthenticated attackers to clear the debug log via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

POC

Reference

Github

No PoCs found on GitHub currently.