Widget Context WordPress Plugin Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Widget Context plugin for WordPress, affecting all versions through 1.3.3. The issue arises from inadequate nonce validation in the 'save_widget_context_settings' function, allowing unauthenticated attackers to manipulate widget visibility settings stored in the WordPress options table. This can be achieved by sending a forged POST request to '/wp-admin/widgets.php', tricking a site administrator into clicking a link that initiates the request.

Impact

Exploitation of this vulnerability allows for unauthorized modification of widget context settings, which can disrupt the intended visibility and behavior of widgets on the site.

Reproduction

To reproduce this vulnerability, an attacker must send a forged POST request to the '/wp-admin/widgets.php' page. This request should include the 'wl' parameter with the desired widget context changes. The attack relies on convincing an administrator to click a link that triggers the request, bypassing the lack of proper nonce verification.

Remediation

Users are advised to update the Widget Context plugin to version 1.4.0 or later, where this vulnerability has been patched.