WordPress WP to Twitter Plugin Authorization Bypass Vulnerability
BID:69741
Info
WordPress WP to Twitter Plugin Authorization Bypass Vulnerability
| Bugtraq ID: | 69741 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 08 2014 12:00AM |
| Updated: | Sep 08 2014 12:00AM |
| Credit: | Voxel@Night |
| Vulnerable: |
WordPress WP to Twitter 2.9.3 |
| Not Vulnerable: | |
Discussion
WordPress WP to Twitter Plugin Authorization Bypass Vulnerability
WP to Twitter Plugin for WordPress is prone to an authorization-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
WP to Twitter 2.9.3 is vulnerable; other versions may also be affected.
WP to Twitter Plugin for WordPress is prone to an authorization-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
WP to Twitter 2.9.3 is vulnerable; other versions may also be affected.
Exploit / POC
WordPress WP to Twitter Plugin Authorization Bypass Vulnerability
The following proof-of-concept is available:
The following proof-of-concept is available:
Solution / Fix
WordPress WP to Twitter Plugin Authorization Bypass Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
WordPress WP to Twitter Plugin Authorization Bypass Vulnerability
References:
References:
- WordPress HomePage (WordPress)
- WordPress Plugin Vulnerability Dump - Part 2 (SecLists.Org)
- WP to Twitter Plugin Home Page (WordPress)