WP Editor
cpe:2.3:a:wp_editor_project:wp_editor:*:*:*:*:*:*:*
- Affected versions: <= 1.2.9.2
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the WP Editor plugin for WordPress, affecting all versions through 1.2.9.2. The issue arises from inadequate nonce verification in the 'add_plugins_page' and 'add_themes_page' functions. This vulnerability enables unauthenticated attackers to overwrite any plugin or theme PHP file with malicious code, provided they can deceive a site administrator into clicking a link or performing a similar action.
Successful exploitation results in unauthorized actions being performed on behalf of the user, potentially including overwriting plugin or theme files with malicious code.
To reproduce this vulnerability, an attacker must craft a forged request that exploits the missing nonce verification. The request is triggered by tricking a site administrator into clicking a link, for example through a phishing email or a compromised website.
Users are advised to update the WP Editor plugin to version 1.2.9.3 or a later patched version.
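For plugin authors reviewing similar file-save handlers, the following added example (not WP Editor's code and not its patch) shows the checks that the nonce verification described above is meant to provide. The action name `example_save_file`, the field names and the function names are hypothetical; the WordPress calls are the standard core APIs.

```php
<?php
// Added example: hypothetical file-save handler, not WP Editor's actual code.
// The action name, field names and function names are assumptions.

// Form side: emit a nonce bound to this action and to the target file.
function example_render_form( $file, $contents ) {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="example_save_file">';
    echo '<input type="hidden" name="file" value="' . esc_attr( $file ) . '">';
    wp_nonce_field( 'example_save_file_' . $file, 'example_nonce' );
    echo '<textarea name="contents">' . esc_textarea( $contents ) . '</textarea>';
    submit_button( 'Save' );
    echo '</form>';
}

add_action( 'admin_post_example_save_file', 'example_handle_save' );

function example_handle_save() {
    // 1. Authorization: the logged-in user must be allowed to edit plugin files.
    if ( ! current_user_can( 'edit_plugins' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }

    $file = isset( $_POST['file'] ) ? sanitize_text_field( wp_unslash( $_POST['file'] ) ) : '';

    // 2. Intent: the request must carry the nonce issued with the form.
    //    check_admin_referer() ends the request if it is missing or invalid,
    //    which is the check a CSRF-prone handler lacks.
    check_admin_referer( 'example_save_file_' . $file, 'example_nonce' );

    // 3. Confinement: resolve the path and require it to stay inside the plugin directory.
    $base   = realpath( WP_PLUGIN_DIR );
    $target = realpath( WP_PLUGIN_DIR . '/' . $file );
    if ( false === $base || false === $target
        || 0 !== strpos( $target, $base . DIRECTORY_SEPARATOR ) ) {
        wp_die( 'Invalid file.', '', array( 'response' => 400 ) );
    }

    $contents = isset( $_POST['contents'] ) ? wp_unslash( $_POST['contents'] ) : '';
    if ( false === file_put_contents( $target, $contents ) ) {
        wp_die( 'Write failed.', '', array( 'response' => 500 ) );
    }

    wp_safe_redirect( admin_url( 'plugins.php' ) );
    exit;
}
```

The capability check and the nonce check answer different questions: the first confirms who is making the request, the second confirms that the request originated from the site's own form.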