Maspik
cpe:2.3:a:wpmaspik:maspik:*:*:*:*:wordpress:*:*
Affected versions: <= 2.5.6
A missing authorization vulnerability has been identified in the Maspik plugin for WordPress, affecting versions through 2.5.6. The issue arises from inadequate capability checks in the 'Maspik_spamlog_download_csv' function. This flaw enables authenticated attackers with subscriber-level access or higher to export and download the spam log database. The exported log may contain blocked submission attempts, including legitimate submissions that were mistakenly classified as spam, potentially exposing sensitive information.
Exploitation of this vulnerability allows for unauthorized access to the spam log database, which could lead to the exposure of sensitive data.
To reproduce this vulnerability, an authenticated user with subscriber-level access or higher can request to download the spam log CSV file. This can be done by navigating to the Maspik log page in the WordPress admin area and clicking the 'Download CSV' button. The absence of proper authorization checks allows the export to proceed, even for users who should not have access to this data.
Users are advised to update the Maspik WordPress plugin to version 2.5.7 or later.
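The defect class described above (an admin-only export that never asks who is requesting it) is easiest to see as the same WordPress handler written twice. The following PHP is an added illustration and is not the Maspik plugin's own code; the hook, query parameter, nonce action, table name and column names are assumptions chosen for the example. The first function shows the vulnerable shape, the second the hardened shape that a fix for this class of bug needs: a capability check before any data is read, and a nonce bound to the action so the download cannot be triggered cross-site.

```php
<?php
// Added example, not code from the Maspik plugin. Hook name, query
// parameter, nonce action, table and column names are all assumed.

// Vulnerable shape: the only gate is "is this request asking for the
// download?", so any logged-in user (subscriber and up) who reaches
// admin_init can trigger the export. Shown for contrast; not registered.
function example_spamlog_download_csv_vulnerable() {
    if ( empty( $_GET['example_spamlog_csv'] ) ) {
        return;
    }
    example_stream_spamlog_csv();
}

// Hardened shape: require a capability only administrators hold, then
// verify a nonce tied to this action, and only then touch the data.
function example_spamlog_download_csv_hardened() {
    if ( empty( $_GET['example_spamlog_csv'] ) ) {
        return;
    }
    // Authorization: subscribers, contributors and editors do not hold
    // manage_options, so the export is limited to administrators.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die(
            esc_html__( 'You are not allowed to export this log.', 'example' ),
            '',
            array( 'response' => 403 )
        );
    }
    // CSRF protection: the link must carry a valid nonce for this action
    // (check_admin_referer() calls wp_die() itself on failure).
    check_admin_referer( 'example_spamlog_download_csv' );
    example_stream_spamlog_csv();
}
add_action( 'admin_init', 'example_spamlog_download_csv_hardened' );

// The link the admin page renders must carry the matching nonce, or the
// hardened handler will refuse it. Assumed admin page slug.
function example_spamlog_download_url() {
    $url = admin_url( 'admin.php?page=example-spamlog&example_spamlog_csv=1' );
    return wp_nonce_url( $url, 'example_spamlog_download_csv' );
}

// Shared helper: streams the log as CSV. Assumed custom table and columns.
function example_stream_spamlog_csv() {
    global $wpdb;
    $table = $wpdb->prefix . 'example_spamlog';
    $rows  = $wpdb->get_results(
        "SELECT submitted_at, field_name, field_value, reason FROM {$table}",
        ARRAY_A
    );

    nocache_headers();
    header( 'Content-Type: text/csv; charset=utf-8' );
    header( 'Content-Disposition: attachment; filename="spamlog.csv"' );

    $out = fopen( 'php://output', 'w' );
    fputcsv( $out, array( 'submitted_at', 'field_name', 'field_value', 'reason' ) );
    foreach ( $rows as $row ) {
        fputcsv( $out, $row );
    }
    fclose( $out );
    exit;
}
```

The ordering in the hardened handler matters: the capability check runs before the nonce check and before any database read, so an unauthorized request is rejected with a 403 without ever loading the log. When reviewing a plugin for this bug class, look for every code path that reads or streams admin-only data and confirm that a `current_user_can()` check with an appropriate capability guards it; a nonce alone is not an authorization check, since any logged-in user can obtain a nonce for an action they can reach.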