
WordPress 3.3.1 Suffers Multiple CSRF Vulnerabilities

Posted by Deepanker Verma Sunday, April 29, 2012 0 comments


WordPress version 3.3.1 suffers from multiple cross-site request forgery (CSRF) vulnerabilities. They allow an attacker to add or delete administrators and users, change a post title, approve, unapprove or delete a comment, change the background image, insert a custom header image, and change the site title, the administrator's email address, the WordPress Address and the Site Address, when an authenticated user or administrator browses a specially crafted web page. Other parameters may be modifiable in the same way.

These vulnerabilities were found by Ivano Binetti (http://www.ivanobinetti.com).
According to his research, the root cause is a weakness in how the anti-CSRF tokens (_wpnonce, _wpnonce_create-user, _ajax_nonce, _wpnonce-custom-background-upload, _wpnonce-custom-header-upload) are generated: a token is tied to a 12-hour time window and the acting user, not to the request or the session, so it stays valid and reusable for the whole window.

An attacker who has sniffed an anti-CSRF token therefore has at least 12 hours in which to replay it (WordPress accepts a token from the current 12-hour window and the previous one, so a captured token can remain valid for up to 24 hours) and perform the following operations:
  • Add Admin/User
  • Delete Admin/User
  • Approve comment
  • Unapprove comment
  • Delete comment
  • Change background image
  • Insert custom header image
  • Change site title
  • Change administrator's email
  • Change WordPress Address
  • Change Site Address

Other operations (such as inserting a new post) are not affected by this CSRF vulnerability.

Note the precondition: the token must be captured first, so what is described is a replay window on a valid token rather than a bypass of the nonce check itself.
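To make the replay window concrete, here is an added Python model of the nonce scheme WordPress 3.3.1 used (wp_nonce_tick, wp_create_nonce and wp_verify_nonce re-expressed from core's logic). This is example code written for this page, not WordPress's own code; the salt, the user ID, the timestamps and the use of a timing-safe compare are assumptions made for the demonstration, and the action name 'create-user' is taken from the _wpnonce_create-user field listed above. The model shows why a sniffed token replays: the token is a slice of an HMAC over (12-hour tick, action, user ID) with no per-request or per-session input, and verification accepts both the current and the previous tick.

```python
import hashlib
import hmac
import math

# Added example: a Python model of the WordPress 3.3.1 nonce scheme.
# Not WordPress code. Salt, user IDs and timestamps are constructed.

NONCE_LIFE = 24 * 60 * 60            # WordPress default nonce_life: one day
TICK = NONCE_LIFE // 2               # the 12-hour tick used by wp_nonce_tick()
NONCE_SALT = b"constructed-example-NONCE_KEY-and-NONCE_SALT"  # stands in for wp_salt('nonce')


def wp_hash(data: str) -> str:
    """wp_hash($data, 'nonce') in core is hash_hmac('md5', $data, $salt)."""
    return hmac.new(NONCE_SALT, data.encode(), hashlib.md5).hexdigest()


def nonce_tick(now: int) -> int:
    """wp_nonce_tick(): ceil(time() / (nonce_life / 2)), a 12-hour counter."""
    return math.ceil(now / TICK)


def create_nonce(action: str, uid: int, now: int) -> str:
    """wp_create_nonce(): substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10).

    Nothing per-request or per-session enters the hash, so every request for
    the same (tick, action, user) carries the same 10-character token.
    """
    i = nonce_tick(now)
    return wp_hash(f"{i}{action}{uid}")[-12:-2]


def verify_nonce(nonce: str, action: str, uid: int, now: int) -> int:
    """wp_verify_nonce(): 1 if the token is from the current tick, 2 if from
    the previous tick, 0 (false) otherwise. Accepting the previous tick is what
    stretches the replay window beyond the 12-hour tick itself."""
    i = nonce_tick(now)
    for tick, result in ((i, 1), (i - 1, 2)):
        expected = wp_hash(f"{tick}{action}{uid}")[-12:-2]
        # Core compares with a plain ==; the model uses a timing-safe compare
        # (an assumption of this example, not a 3.3.1 behaviour).
        if hmac.compare_digest(nonce, expected):
            return result
    return 0


def replay_window_seconds(captured_at: int) -> int:
    """Last instant (seconds after capture) at which a sniffed token still
    verifies: the end of the tick after the one it was minted in."""
    return (nonce_tick(captured_at) + 1) * TICK - captured_at


def replay_timeline(action: str, uid: int, captured_at: int, offsets_h):
    """verify_nonce() result for a captured token at each hour offset."""
    token = create_nonce(action, uid, captured_at)
    return [verify_nonce(token, action, uid, captured_at + int(h * 3600))
            for h in offsets_h]


if __name__ == "__main__":
    # Admin user ID 1 and both timestamps are constructed values.
    early = 100 * TICK + 100          # captured 100 s into a tick
    late = 101 * TICK - 100           # captured 100 s before the tick rolls over
    for label, t in (("early in tick", early), ("late in tick", late)):
        hours = replay_window_seconds(t) / 3600
        print(f"captured {label}: replayable for {hours:.2f} h; "
              f"verify results at +1h,+12h,+23h,+24h = "
              f"{replay_timeline('create-user', 1, t, [1, 12, 23, 24])}")
```

Running it shows a token captured early in a tick verifying for just under 24 hours and one captured late in a tick for just over 12 hours; in both cases the token is bound only to the action and user, so the same value works in any forged request for that user during the window.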

Webmasters running WordPress 3.3.1 for their website or blog are advised to upgrade to the latest WordPress release.


