Switching the links and the associated forms over to nonces
Reported by: t.goetzrath | Owned by: d.schmitzer
See: https://codex.wordpress.org/WordPress_Nonces
During our monitoring of changes made to WordPress plugins in the Plugin Directory we found a cross-site request forgery (CSRF)/arbitrary file upload vulnerability in your wpShopGermany Free plugin.
When uploading files through the page /wp-admin/admin.php?page=wpsg-Admin&subaction=widerrufsbelehrung there is no protection against cross-site request forgery (CSRF), so it would be possible for an attacker to cause someone logged in to WordPress as Administrator to upload files they didn't intend. It looks like the lack of protection against CSRF is an issue with other parts of the plugin as well. Fixing the CSRF issue would take care of this, but if possible it would be a good idea to restrict what types of files can be uploaded as well.
If you have any questions or need help in dealing with this issue, please feel free to get back to us.
Due to our need to inform our customers of vulnerabilities in plugins they may be using on a timely basis, our policy is to disclose a vulnerability no later than 30 days after we have notified the developer of it and 7 days after notifying if we don't receive any response from the developer. So if this is not going to be fixed in the next 7 days please let us know and we will hold back disclosure until after it is fixed or 30 days, whichever comes first.
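The fix the ticket asks for, shown as an added example rather than the plugin's own code: a nonce on the form and on state-changing links, a nonce check before the upload is processed, and a file-type whitelist as the report suggests. The function names, form field names, nonce action strings and the allowed-type list are assumptions; the WordPress API calls are real.

```php
<?php
// Render the form: wp_nonce_field() emits a hidden field with a nonce bound
// to the action string and the logged-in user (names below are assumed).
function wpsg_example_render_widerruf_form() {
    $url = admin_url( 'admin.php?page=wpsg-Admin&subaction=widerrufsbelehrung' );
    ?>
    <form method="post" action="<?php echo esc_url( $url ); ?>" enctype="multipart/form-data">
        <?php wp_nonce_field( 'wpsg_widerrufsbelehrung_upload', 'wpsg_nonce' ); ?>
        <input type="file" name="wpsg_widerruf_file">
        <input type="submit" value="Upload">
    </form>
    <?php
}

// Links that change state (e.g. delete) carry a nonce in the URL; the
// handler verifies it with check_admin_referer() using the same action.
function wpsg_example_delete_link( $id ) {
    $id  = (int) $id;
    $url = admin_url( 'admin.php?page=wpsg-Admin&subaction=widerrufsbelehrung&delete=' . $id );
    return wp_nonce_url( $url, 'wpsg_delete_widerruf_' . $id, 'wpsg_nonce' );
}

// Handle the POST: capability check, nonce check, then a type whitelist.
function wpsg_example_handle_upload() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.' );
    }
    // Dies with the "Are you sure?" page when the nonce is missing or invalid,
    // so a request forged from another site never reaches the upload code.
    check_admin_referer( 'wpsg_widerrufsbelehrung_upload', 'wpsg_nonce' );

    if ( empty( $_FILES['wpsg_widerruf_file']['tmp_name'] ) ) {
        return false;
    }
    $file = $_FILES['wpsg_widerruf_file'];

    // Only the document types this page needs (assumed list); the check
    // looks at both the extension and the file content.
    $allowed = array( 'pdf' => 'application/pdf', 'txt' => 'text/plain' );
    $check   = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'], $allowed );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_die( 'File type not allowed.' );
    }

    // Let WordPress move the file into the uploads dir; 'mimes' re-applies the whitelist.
    $result = wp_handle_upload( $file, array( 'test_form' => false, 'mimes' => $allowed ) );
    return isset( $result['file'] ) ? $result['file'] : false;
}
```

The nonce alone stops the CSRF; the whitelist limits what an authorised upload can place on the server, which is the second change the report recommends.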