Skip to content

Instantly share code, notes, and snippets.

@Xib3rR4dAr

Xib3rR4dAr/WP_theme_Networker__Improper-Access-Control-Allowing-Unauthenticated-Modification-of-Display-location-of-any-menu.md Secret

Last active February 5, 2024 13:25
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Xib3rR4dAr/f5f5d07263fdac28b6e9ba2f6c4e4523 to your computer and use it in GitHub Desktop.
Save Xib3rR4dAr/f5f5d07263fdac28b6e9ba2f6c4e4523 to your computer and use it in GitHub Desktop.
Download ZIP
WP Networker theme <= 1.1.9 - Improper Access Control Allowing Unauthenticated Modification of Display location of any menu
Raw
WP_theme_Networker__Improper-Access-Control-Allowing-Unauthenticated-Modification-of-Display-location-of-any-menu.md

WordPress Networker theme <= 1.1.9 - Improper Access Control Allowing Unauthenticated Modification of Display location of any menu

Exploit TitleWordPress Networker theme <= 1.1.9 - Improper Access Control Allowing Unauthenticated Modification of Display location of any menu
Exploit AuthorMuhammad Zeeshan (Xib3rR4dAr)
DateJanuary 26, 2024
Theme Linkhttps://themeforest.net/item/networker-tech-news-wordpress-theme-with-dark-mode/28749988
Version1.1.9 (latest version at time of vulnerability discovery)
Tested onWordpress 6.4.3
Vulnerable Endpoint/wp-admin/admin-ajax.php?action=csco_reload_menu
Vulnerable Filenetworker/inc/mega-menu.php#L86
CVENot assigned yet

Fix

Remove following from line 86 of wp-content/themes/networker/inc/mega-menu.php so that action is not accessible without authentication.

add_action( 'wp_ajax_nopriv_csco_reload_menu', array( $this, 'admin_reload_nav_menu' ) );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment