CVE-2022-0770 CSRF leads to account takeover Wordpress plugin Gtranslate

1. Vulnerability Properties

Title: CSRF leads to account takeover Wordpress plugin Gtranslate
CVE ID: CVE-2022-0770
CVSSv3 Base Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Vendor: Translate AI Multilingual Solutions
Products: Wordpress Plugin Gtranslate
Advisory Release Date: 22-07-2022
Advisory URL: https://labs.integrity.pt/advisories/cve-2022-0770
Credits: Discovery by Diogo Real <dr[at]integrity.pt>

2. Vulnerability Summary

Due to a vulnerability of Cross-Site Request Forgery and a debug feature, it is possible for an attacker to create a malicious URL that if visited by the victim will write their authentication cookies to a file publicly available for an attacker leading to account takeover.

3. Vulnerable Versions

  • < 2.9.9

4. Solution

  • Update to version 2.9.9 or higher

5. Vulnerability Timeline

  • 27/Feb/22  - Bug reported
  • 27/Feb/22 - Bug verified
  • 22/Jul/22 - Advisory released

6. References

  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0770
  • https://wpscan.com/vulnerability/49abe79c-ab1c-4dbf-824c-8daaac7e079d


© 2022 Integrity Part of Devoteam. All rights reserved. | Cookie Policy

Cookie Consent X

Integrity S.A. uses cookies for analytical and more personalized information presentation purposes, based on your browsing habits and profile. For more detailed information, see our Cookie Policy.