The LadiApp plugin for WordPress is vulnerable to Cross...
Moderate severity
Unreviewed
Published
Mar 12, 2024
to the GitHub Advisory Database
•
Updated Jan 15, 2025
Description
Published by the National Vulnerability Database
Mar 12, 2024
Published to the GitHub Advisory Database
Mar 12, 2024
Last updated
Jan 15, 2025
The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the publish_lp() function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to change the LadiPage key (a key fully controlled by the attacker), enabling them to freely create new pages, including web pages that trigger stored XSS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
References