Login

Tag Archives: Cross-Site Request Forgery (CSRF)/Information Disclosure

12 Jul 2023

Information Disclosure Vulnerability in Ninja Forms Incompletely Fixed

The recent version 3.6.26 of the WordPress plugin Ninja Forms includes what the developer describes as a number of “security enhancements”. One of those being “[p]revent unauthorized download of submission”. That sounds less like an enhancement and more of a vulnerability. We confirmed it was a vulnerability and that it had been incompletely fixed.

Looking at the changes made in that version, we found that this appeared to relate to legacy functionality that still exists in the plugin despite not normally being used. [Read more]

4 Mar 2020

Authenticated Information Disclosure Vulnerability in WP Ultimate Exporter

On Monday while looking into why the plugin WP Ultimate CSV Importer was being targeted by a hacker we noticed that the companion plugin WP Ultimate Exporter is similarly insecure and contains an authenticated information disclosure vulnerability, which can also be exploited through cross-site request forgery (CSRF). This isn’t the first time we found an issue with this plugin and we put out a general warning about the security of the developer’s plugins back in 2016.

The plugin registers the function parseData() to be accessible through WordPress’ AJAX functionality to anyone logged in to WordPress: [Read more]