SVG Map WordPress Plugin Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the SVG Map Plugin for WordPress, affecting all versions up to and including 1.0.0. The vulnerability arises from inadequate nonce validation on several AJAX actions, including 'save_data', 'delete_data', and 'add_popup'. This flaw allows unauthenticated attackers to manipulate the plugin's settings, remove map data, and inject harmful web scripts through a forged request, provided they can deceive a site administrator into taking a specific action, such as clicking a link.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in the plugin's settings, deletion of map data, and the introduction of malicious scripts that could be executed in the context of the user.

Reproduction

To reproduce this vulnerability, an attacker must craft a forged request that exploits the missing nonce validation on the vulnerable AJAX actions. This request can be sent to the WordPress site, targeting an administrator who is tricked into clicking a link or performing an action that triggers the AJAX call. Once the request is processed, the attacker's desired changes will be applied, such as updating plugin settings or deleting map data.