Htaccess by BestWebSoft <= 1.8.1 - CSRF to edit .htaccess



Description
Edit (WPScanTeam): The plugin is still affected, WP plugin team has been notified on February 6th, 2020
Proof of Concept The PoC will be displayed once the issue has been remediated.

Affects Plugin

References

CVE 2020-8658
URL https://github.com/V1n1v131r4/Exploiting-WP-Htaccess-by-BestWebSoft-Plugin/blob/master/README.md

Classification

Type CSRF
CWE CWE-352

Miscellaneous

Original Researcher V1n1v131r4
Views 3026
Verified Yes
WPVDB ID 10060

Timeline

Publicly Published 2020-02-01 (20 days ago)
Added 2020-02-06 (14 days ago)
Last Updated 2020-02-07 (13 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin