DirectoryPress Frontend WordPress Plugin Cross-Site Request Forgery Vulnerability

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the DirectoryPress Frontend plugin for WordPress, affecting all versions through 2.7.9. The issue arises from inadequate nonce validation in the 'dpfl_listingStatusChange()' function, allowing unauthenticated attackers to manipulate listing statuses by tricking site administrators into clicking a link.

Impact

Exploitation of this vulnerability allows unauthorized users to change listing statuses on behalf of an administrator.

Reproduction

To reproduce this vulnerability, an attacker must craft a request that mimics a legitimate action, such as changing the status of a listing. Because the affected function does not reject requests that lack a valid nonce (the security token WordPress uses to verify that a request originated from its own pages), the forged request can be sent without one. The attacker must then trick an administrator into clicking a link or performing an action that sends this forged request, such as through a phishing email or a compromised website.

Remediation

Users are advised to update the DirectoryPress Frontend plugin to version 2.8.0 or later.
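The underlying fix is a server-side check that the request carries a valid nonce for the action, paired with a capability check for the affected listing. The following is an added illustration of that pattern and is not the DirectoryPress Frontend plugin's own code; the function, action and nonce names (dpfl_example_status_change, dpfl_change_status) are hypothetical.

```php
<?php
// Added illustrative example, not the DirectoryPress Frontend plugin's code.
// Function, action and nonce names below are hypothetical; only the
// pattern (nonce check plus capability check) is the point.

// Vulnerable pattern: the handler acts on request parameters as soon as a
// logged-in administrator's browser sends them, so a cross-site request
// that rides on the admin's session cookies is accepted.
function dpfl_example_status_change_vulnerable() {
    $listing_id = isset( $_REQUEST['listing_id'] ) ? absint( $_REQUEST['listing_id'] ) : 0;
    $status     = isset( $_REQUEST['status'] ) ? sanitize_key( $_REQUEST['status'] ) : '';
    wp_update_post( array( 'ID' => $listing_id, 'post_status' => $status ) );
    wp_die( 'updated' );
}

// Hardened pattern: verify a nonce bound to this specific action, then
// verify the caller's capability for this specific listing. Both are needed:
// the nonce shows the request came from the plugin's own UI, and the
// capability check stops a lower-privileged user from using the endpoint.
function dpfl_example_status_change_hardened() {
    // Dies with a 403 response if the 'nonce' field is missing or invalid.
    check_ajax_referer( 'dpfl_change_status', 'nonce' );

    $listing_id = isset( $_POST['listing_id'] ) ? absint( $_POST['listing_id'] ) : 0;
    $status     = isset( $_POST['status'] ) ? sanitize_key( $_POST['status'] ) : '';

    // Only accept statuses the feature is meant to set (constructed allow-list).
    $allowed = array( 'publish', 'pending', 'draft' );
    if ( ! $listing_id || ! in_array( $status, $allowed, true ) ) {
        wp_send_json_error( 'invalid request', 400 );
    }
    if ( ! current_user_can( 'edit_post', $listing_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    wp_update_post( array( 'ID' => $listing_id, 'post_status' => $status ) );
    wp_send_json_success( array( 'id' => $listing_id, 'status' => $status ) );
}
add_action( 'wp_ajax_dpfl_example_status_change', 'dpfl_example_status_change_hardened' );

// The nonce the hardened handler expects is issued to the plugin's own page
// (for example when enqueuing its script) with:
//   wp_create_nonce( 'dpfl_change_status' );
// and returned by that page as the 'nonce' field of the POST body.
```

Only the hardened handler is registered with add_action; the vulnerable function is shown for contrast and is never hooked.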

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
  spread          3.4
  impact          0.6
  exploitability  7.6
  remediation     7.7
  relevance       0.0
  threat          4.8
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.