The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be saved.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/169d21fc-d191-46ff-82e8-9ac887aed8a4 | Exploit Third Party Advisory |
https://www.wordfence.com/blog/2021/03/two-vulnerabilities-patched-in-facebook-for-wordpress-plugin/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2021-04-12T14:01:34
Updated: 2021-04-12T14:01:34
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24218
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-04-12T14:15:15.337
Modified: 2021-04-20T02:06:55.647
Link: CVE-2021-24218
JSON object: View
Redhat Information
No data.
CWE