Frontend Post Submission Manager Lite Missing Authorization Vulnerability Allowing Unauthenticated Post Modification

Vulnerability

A vulnerability exists in the Frontend Post Submission Manager Lite plugin for WordPress, in all versions through 1.2.5. The issue is caused by a lack of authorization checks in the post update functionality of the 'fpsml_form_process' AJAX action. This flaw enables unauthenticated users to modify any post by sending a 'post_id' parameter through the guest posting form. Attackers can change post titles, content, excerpts, and even remove post authors.

Impact

Exploitation of this vulnerability allows for unauthorized modification of WordPress posts, including changes to titles, content, excerpts, and authorship.

Reproduction

To reproduce this vulnerability, send a request to the 'fpsml_form_process' AJAX action without authentication. Include a 'post_id' parameter with the ID of the post to be modified, along with any desired changes to the post's title, content, excerpt, or author.

Remediation

Users are advised to update the Frontend Post Submission Manager Lite plugin to version 1.2.6 or later.
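
Where the update to 1.2.6 cannot be applied immediately, a must-use plugin can enforce the missing authorization check in front of the vulnerable handler. The following is an added example, not the vendor's fix or code from the plugin. It assumes 'post_id' arrives as a request parameter, either top-level or inside a URL-encoded string field (the advisory does not give the request layout), and that the plugin registers its handler at the default hook priority; the fpsml_guard_* names are hypothetical.

```php
<?php
/**
 * Stopgap must-use plugin (added example, not the vendor's fix).
 * Rejects fpsml_form_process requests that name a post_id the caller
 * is not allowed to edit.
 * Assumption: post_id is a request parameter, top-level or inside a
 * URL-encoded string field; the advisory does not describe the layout.
 */

// Hypothetical helper: collect every post_id found in the submitted data.
function fpsml_guard_find_post_ids( $data, $depth = 0 ) {
    $ids = array();
    if ( ! is_array( $data ) || $depth > 3 ) {
        return $ids; // bound recursion on hostile input
    }
    foreach ( $data as $key => $value ) {
        if ( 'post_id' === $key && is_scalar( $value ) ) {
            $ids[] = absint( $value );
        } elseif ( is_array( $value ) ) {
            $ids = array_merge( $ids, fpsml_guard_find_post_ids( $value, $depth + 1 ) );
        } elseif ( is_string( $value ) && false !== strpos( $value, 'post_id' ) ) {
            parse_str( $value, $nested ); // form fields sent as one encoded string
            $ids = array_merge( $ids, fpsml_guard_find_post_ids( $nested, $depth + 1 ) );
        }
    }
    return array_filter( $ids ); // 0 or empty means a new submission, not an update
}

function fpsml_guard_check() {
    foreach ( fpsml_guard_find_post_ids( wp_unslash( $_REQUEST ) ) as $post_id ) {
        if ( ! current_user_can( 'edit_post', $post_id ) ) {
            $ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
            error_log( sprintf( 'fpsml_guard: blocked update of post %d from %s', $post_id, $ip ) );
            wp_send_json_error( array( 'message' => 'Not allowed to edit this post.' ), 403 );
        }
    }
}

// Priority 0 runs before a handler registered at the default priority (10).
// Both hooks are covered: guests (nopriv) and logged-in users without edit rights.
add_action( 'wp_ajax_nopriv_fpsml_form_process', 'fpsml_guard_check', 0 );
add_action( 'wp_ajax_fpsml_form_process', 'fpsml_guard_check', 0 );
```

Placed in wp-content/mu-plugins/, this leaves new guest submissions working while refusing updates to existing posts; the error_log entries also serve as a record of attempted modifications. Remove it once the plugin is at 1.2.6 or later.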

Added: Dec 21, 2025, 3:26 AM
Updated: Dec 21, 2025, 3:26 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 8.4
remediation: 7.7
relevance: 1.5
threat: 4.8
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.