Frontend Post Submission Manager Lite WordPress Plugin Incorrect Authorization Vulnerability Allowing Unauthenticated Attachment Deletion
Vulnerability
A vulnerability exists in the Frontend Post Submission Manager Lite WordPress plugin, specifically in versions through 1.2.6. The issue arises from an incorrect authorization check in the 'media_delete_action' function, allowing unauthenticated users to delete arbitrary attachments. This flaw leads to unauthorized data loss.
Impact
Exploitation of this vulnerability allows for unauthorized deletion of attachments, potentially leading to loss of important media or data.
Reproduction
The vulnerability can be reproduced by sending a POST request to the 'wp_ajax_fpsml_media_delete_action' endpoint without proper authorization. The request must include the 'media_id' of the attachment to be deleted and a 'media_key' that matches the expected attachment code, which is derived from the attachment's date.
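To show what an incorrect authorization check of this kind looks like and how a handler should be written instead, here is an added PHP example; it is not code from the plugin. The hook names, function names and the date-derived key computation are assumptions for illustration, chosen to match the pattern the advisory describes.

```php
<?php
// Added example, not the plugin's code. Hook names, function names and the
// key derivation are hypothetical; the pattern is the one the advisory describes.

// WEAK PATTERN: the handler is also hooked for logged-out users (nopriv) and
// a key computed from public attachment data stands in for authorization.
add_action( 'wp_ajax_nopriv_example_media_delete_weak', 'example_media_delete_weak' );
add_action( 'wp_ajax_example_media_delete_weak', 'example_media_delete_weak' );
function example_media_delete_weak() {
    $media_id  = isset( $_POST['media_id'] ) ? absint( $_POST['media_id'] ) : 0;
    $media_key = isset( $_POST['media_key'] ) ? sanitize_text_field( wp_unslash( $_POST['media_key'] ) ) : '';
    // Hypothetical date-derived key: not a secret, and it says nothing about
    // who the caller is or whether they may delete this attachment.
    $expected = md5( get_the_date( 'Y-m-d', $media_id ) );
    if ( hash_equals( $expected, $media_key ) ) {
        wp_delete_attachment( $media_id, true );
    }
    wp_die();
}

// HARDENED PATTERN: no nopriv hook, so only authenticated users reach it;
// a nonce ties the request to the user's session; core's capability mapping
// (delete_post -> delete_posts / delete_others_posts) enforces ownership.
add_action( 'wp_ajax_example_media_delete', 'example_media_delete_secure' );
function example_media_delete_secure() {
    // The front end must send the value of wp_create_nonce( 'example_media_delete' ).
    check_ajax_referer( 'example_media_delete', 'nonce' );
    $media_id = isset( $_POST['media_id'] ) ? absint( $_POST['media_id'] ) : 0;
    $post     = $media_id ? get_post( $media_id ) : null;
    if ( ! $post || 'attachment' !== $post->post_type ) {
        wp_send_json_error( 'invalid media_id', 400 );
    }
    // Capability check against the specific attachment, not just "is logged in".
    if ( ! current_user_can( 'delete_post', $media_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    if ( ! wp_delete_attachment( $media_id, true ) ) {
        wp_send_json_error( 'delete failed', 500 );
    }
    wp_send_json_success( array( 'deleted' => $media_id ) );
}
```

When reviewing a plugin for this class of bug, look for `wp_ajax_nopriv_` registrations on state-changing actions and for handlers whose only gate is a value the client can compute.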
Remediation
Users are advised to update the Frontend Post Submission Manager Lite WordPress plugin to version 1.2.7 or later.