Custom Simple RSS <= 2.0.6 - CSRF



Description
CSRF issue in the Custom Simple Rss Plugin
Proof of Concept
https://youtu.be/R0V_rTpjaRg
https://gofile.io/?c=jmVseA - CSRF html file

Affects Plugin

fixed in version 2.0.7

References

CVE 2019-14327

Classification

Type CSRF
CWE CWE-352

Miscellaneous

Original Researcher rubyman
Submitter rubyman
Submitter Website https://www.linkedin.com/in/mehdi-esmaeilpour-a9b633141/
Submitter Twitter https://twitter.com/rrubymann
Views 3986
Verified No
WPVDB ID 9483

Timeline

Publicly Published 2019-07-27 (4 months ago)
Added 2019-07-27 (4 months ago)
Last Updated 2019-07-29 (4 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin