awesomemotive / wp-mail-logging

:envelope: Logs each email sent by WordPress.

Missing Security Checks for AJAX Accessible Functions #159

Closed PluginVulnerabilities closed 1 year ago

PluginVulnerabilities commented 1 year ago

While reviewing a vague claim from a problematic security provider that the latest version of the plugin fixed a vulnerability, we ran across a minor security issue that still exists. The AJAX-accessible function feedback_notice_dismiss() in the file /src/WPML_UserFeedback.php is lacking both a capabilities check and a nonce check to prevent cross-site request forgery (CSRF). That isn't a big deal based on what can be done through that, but it still should have those security checks.

The AJAX-accessible function product_education_dismiss() in the file /src/WPML_ProductEducation.php is also lacking a capabilities check. It does have a nonce check.
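For readers unfamiliar with the two checks the report asks for, here is a notice-dismiss AJAX handler written both ways. This is an added example, not code from wp-mail-logging or from the reporter; the issue does not show the plugin's handler bodies, so everything prefixed `example_` (function names, hook names, the `nonce` request field, the `example-admin` script handle, the `manage_options` capability) is a hypothetical stand-in. The WordPress APIs used (`check_ajax_referer()`, `current_user_can()`, `wp_send_json_error()`, `wp_create_nonce()`, `wp_localize_script()`) are the real ones.

```php
<?php
/**
 * Added example (not code from wp-mail-logging): a notice-dismiss AJAX handler
 * written two ways. All names prefixed "example_" are hypothetical.
 */

// Vulnerable form: reachable by any logged-in user through admin-ajax.php, and
// forgeable from a third-party page because nothing ties the request to the
// victim's session. This is the pattern described in the issue.
function example_dismiss_notice_unchecked() {
    update_user_meta( get_current_user_id(), 'example_notice_dismissed', 1 );
    wp_send_json_success();
}
add_action( 'wp_ajax_example_dismiss_notice_unchecked', 'example_dismiss_notice_unchecked' );

// Hardened form: both checks the issue asks for, in this order.
function example_dismiss_notice() {
    // CSRF check: the request must carry a nonce minted for this exact action.
    // Passing false as the third argument makes a failure return false instead
    // of dying with "-1", so a proper JSON error can be sent instead.
    if ( ! check_ajax_referer( 'example_dismiss_notice', 'nonce', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid or expired nonce.' ), 403 );
    }

    // Authorization check: a valid nonce only proves the request came from a
    // page WordPress rendered for this user; it says nothing about what the
    // user may do. The capability is assumed here to be manage_options, i.e.
    // the notice is aimed at administrators.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    update_user_meta( get_current_user_id(), 'example_notice_dismissed', 1 );
    wp_send_json_success();
}
add_action( 'wp_ajax_example_dismiss_notice', 'example_dismiss_notice' );

// The nonce has to reach the browser. Hand it to the admin script that fires
// the request (the 'example-admin' handle is assumed to be registered and
// enqueued elsewhere); the script then POSTs action=example_dismiss_notice
// together with nonce=<value> to ajaxUrl.
function example_enqueue_admin_assets() {
    wp_localize_script(
        'example-admin',
        'exampleDismiss',
        array(
            'ajaxUrl' => admin_url( 'admin-ajax.php' ),
            'nonce'   => wp_create_nonce( 'example_dismiss_notice' ),
        )
    );
}
add_action( 'admin_enqueue_scripts', 'example_enqueue_admin_assets' );
```

The split maps onto the two functions in the report: the first lacks both checks (the `example_dismiss_notice_unchecked` shape), the second has the nonce check but not the capability check, which is the state you get by keeping only the first `if` in the hardened handler. Because `wp_ajax_*` actions already require a logged-in session, the nonce is what stops a forged cross-site request from that session, and `current_user_can()` is what stops a low-privilege account (a subscriber, say) from reaching an action meant for administrators; neither check substitutes for the other.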