CVE-2023-7065
Wordfence
The Stop Spammers Security | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.4. This is due to missing or incorrect nonce validation on the sfs_process AJAX action. This makes it possible for unauthenticated attackers to add arbitrary IPs to the plugin's allowlist and blocklist via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
Problem type
- CWE-352 Cross-Site Request Forgery (CSRF)
Affected products
mcitar
Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms
<= 2024.4 - AFFECTED
References
wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/1998cadb-2eb3-4819-aa7c-59e4f777c7f8?source=cve
plugins.trac.wordpress.org
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3080581%40stop-spammer-registrations-plugin&new=3080581%40stop-spammer-registrations-plugin&sfp_email=&sfph_mail=
JSON source
{ "dataType": "CVE_RECORD", "containers": { "cna": { "credits": [ { "lang": "en", "type": "finder", "value": "Lucio Sá" } ], "metrics": [ { "cvssV3_1": { "version": "3.1", "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } } ], "affected": [ { "vendor": "mcitar", "product": "Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms", "versions": [ { "status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2024.4" } ], "defaultStatus": "unaffected" } ], "timeline": [ { "lang": "en", "time": "2024-05-03T00:00:00.000+00:00", "value": "Disclosed" } ], "references": [ { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1998cadb-2eb3-4819-aa7c-59e4f777c7f8?source=cve" }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3080581%40stop-spammer-registrations-plugin&new=3080581%40stop-spammer-registrations-plugin&sfp_email=&sfph_mail=" } ], "descriptions": [ { "lang": "en", "value": "The Stop Spammers Security | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.4. This is due to missing or incorrect nonce validation on the sfs_process AJAX action. This makes it possible for unauthenticated attackers to add arbitrary IPs to the plugin's allowlist and blocklist via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." 
} ], "problemTypes": [ { "descriptions": [ { "lang": "en", "description": "CWE-352 Cross-Site Request Forgery (CSRF)" } ] } ], "providerMetadata": { "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-05-04T07:36:21.368Z" } } }, "cveMetadata": { "cveId": "CVE-2023-7065", "state": "PUBLISHED", "dateUpdated": "2024-05-04T07:36:21.368Z", "dateReserved": "2023-12-21T18:42:12.264Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-05-04T07:36:21.368Z", "assignerShortName": "Wordfence" }, "dataVersion": "5.0" }