Dream Gallery WordPress Plugin Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Dream Gallery plugin for WordPress, affecting all versions through 1.0. The issue arises from inadequate nonce validation on the 'dreampluginsmain' AJAX action, allowing unauthenticated attackers to manipulate the plugin's settings. Exploitation requires tricking a site administrator into clicking a link, which could lead to the injection of malicious scripts that are stored and executed later.

Impact

Exploitation of this vulnerability could result in Cross-Site Scripting (XSS) attacks, where injected scripts are executed in the context of the user.

Reproduction

To reproduce this vulnerability, an attacker must send a forged request to the 'dreampluginsmain' AJAX action without a valid nonce. This can be done by tricking an administrator into clicking a link that triggers the request, such as through a phishing email or a malicious website.

Remediation

No known patch is available for this vulnerability. It is recommended to uninstall the affected plugin and find a replacement.