{"id":19220,"date":"2025-04-07T17:15:48","date_gmt":"2025-04-07T17:15:48","guid":{"rendered":""},"modified":"2025-06-24T17:20:20","modified_gmt":"2025-06-24T23:20:20","slug":"cve-2023-6532-cross-site-request-forgery-vulnerability-in-wp-blogs-planetarium-wordpress-plugin-vulnerability-summary","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-6532-cross-site-request-forgery-vulnerability-in-wp-blogs-planetarium-wordpress-plugin-vulnerability-summary\/","title":{"rendered":"CVE-2023-6532: Cross-Site Request Forgery Vulnerability in WP Blogs&#8217; Planetarium WordPress Plugin"},"content":{"rendered":"\n<p><strong>Vulnerability Summary<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE ID:<\/strong> CVE-2023-6532<\/li>\n\n\n\n<li><strong>Severity:<\/strong> High (CVSS 3.1 Score: 8.8)<\/li>\n\n\n\n<li><strong>Attack Vector:<\/strong> <a class=\"wpil_keyword_link\" href=\"https:\/\/www.ameeba.com\"   title=\"Network\" data-wpil-keyword-link=\"linked\"  data-wpil-monitor-id=\"24327\">Network<\/a><\/li>\n\n\n\n<li><strong>Privileges Required:<\/strong> None<\/li>\n\n\n\n<li><strong>User Interaction:<\/strong> Required<\/li>\n\n\n\n<li><strong>Impact:<\/strong> Potential unauthorized changes to plugin settings via <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-50932-csrf-attack-on-savignano-s-notify-for-confluence\/\"  data-wpil-monitor-id=\"33548\">CSRF attack<\/a><\/li>\n<\/ul>\n\n\n\n<p><strong>Affected Products<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Product<\/th><th>Affected Versions<\/th><\/tr><\/thead><tbody><tr><td>WP Blogs&#8217; Planetarium <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-6140-arbitrary-file-upload-vulnerability-in-essential-real-estate-wordpress-plugin\/\"  data-wpil-monitor-id=\"24577\">WordPress Plugin<\/a><\/td><td>Versions \u2264 1.0<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><strong>How the Exploit 
Works<\/strong><\/p>\n\n\n\n<p>The WP Blogs&#8217; Planetarium plugin lacks proper <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-50930-cross-site-request-forgery-csrf-in-savignano-s-notify-leading-to-configuration-tampering-and-potential-data-leakage\/\"  data-wpil-monitor-id=\"31985\">Cross-Site Request Forgery<\/a> (CSRF) checks when updating its settings: the settings handler accepts any request that arrives with a valid administrator session, without verifying a nonce that ties the request to a form the administrator actually loaded on the site. An attacker can <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-47992-critical-buffer-overflow-vulnerability-exploit-in-freeimage-library\/\"  data-wpil-monitor-id=\"25597\">exploit this vulnerability<\/a> by tricking a logged-in administrator into clicking a malicious link or visiting a crafted webpage. The browser attaches the administrator&#8217;s WordPress cookies to the forged request, so the plugin&#8217;s settings are changed without the administrator&#8217;s knowledge or consent.<\/p>\n\n\n\n<p><strong>Conceptual Example Code<\/strong><\/p>\n\n\n\n<p>An attacker might <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-24189-memory-corruption-vulnerability-due-to-maliciously-crafted-web-content-in-various-operating-systems\/\"  data-wpil-monitor-id=\"61183\">craft a malicious<\/a> HTML page as follows. The <code>action<\/code> value and the field names are illustrative placeholders: the advisory does not publish the plugin&#8217;s actual handler or parameter names, and a real attack would copy them from the plugin&#8217;s own settings form.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code class=\"\" data-line=\"\">&lt;html&gt;\n  &lt;body onload=&quot;document.forms[0].submit()&quot;&gt;\n    &lt;form action=&quot;https:\/\/victim-site.com\/wp-admin\/admin-post.php&quot; method=&quot;POST&quot;&gt;\n      &lt;input type=&quot;hidden&quot; name=&quot;action&quot; value=&quot;update_planetarium_settings&quot;&gt;\n      &lt;input type=&quot;hidden&quot; name=&quot;setting1&quot; value=&quot;malicious_value&quot;&gt;\n      &lt;!-- Additional hidden fields as required --&gt;\n    &lt;\/form&gt;\n  &lt;\/body&gt;\n&lt;\/html&gt;\n<\/code><\/pre>\n\n\n\n<p>When 
the administrator visits this page while logged in, the form auto-submits, sending a POST request to the vulnerable plugin endpoint with the administrator&#8217;s session cookies attached, thereby altering its settings. Browsers that treat cookies without a SameSite attribute as Lax narrow the window in which such a cross-site top-level POST still carries the session, but that default is not uniform across browsers and is no substitute for a server-side nonce check.<\/p>\n\n\n\n<p><strong>Potential Risks<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2815-unauthorized-modification-of-data-in-administrator-z-wordpress-plugin\/\"  data-wpil-monitor-id=\"29777\">Unauthorized modification<\/a> of plugin settings<\/li>\n\n\n\n<li>Potential <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-3529-sensitive-information-exposure-in-wordpress-simple-shopping-cart-plugin\/\"  data-wpil-monitor-id=\"42054\">exposure of sensitive<\/a> information, depending on what the altered settings control<\/li>\n\n\n\n<li>Disruption of website functionality<\/li>\n\n\n\n<li>Foundation for further attacks exploiting altered configurations<\/li>\n<\/ul>\n\n\n\n<p><strong>Mitigation Recommendations<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Update the Plugin:<\/strong> If an updated version is available, apply the patch that addresses this vulnerability. If no fixed release is published, deactivate and remove the plugin rather than leave the unprotected handler reachable.<\/li>\n\n\n\n<li><strong>Implement CSRF Protection:<\/strong> Plugin developers should emit a nonce with <code>wp_nonce_field()<\/code> in the settings form and verify it in the handler with <code>check_admin_referer()<\/code> (or <code>wp_verify_nonce()<\/code>), together with a <code>current_user_can()<\/code> capability check. The nonce proves the request originated from a form the site rendered for that user; the capability check proves the user is allowed to change the setting. One without the other is insufficient.<\/li>\n\n\n\n<li><strong>Educate Administrators:<\/strong> Advise administrators to avoid clicking on suspicious links or visiting untrusted websites while logged into the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-3211-unauthenticated-sql-injection-vulnerability-in-wordpress-database-administrator-plugin\/\"  data-wpil-monitor-id=\"29973\">WordPress<\/a> admin panel, or to use a separate browser profile for administration so that general browsing never carries the admin session.<\/li>\n\n\n\n<li><strong>Use Security Plugins:<\/strong> A web application firewall or security plugin can log and alert on unexpected <code>admin-post.php<\/code> or <code>admin-ajax.php<\/code> requests, but it cannot add a nonce check that the plugin&#8217;s own handler lacks; treat it as monitoring, not as the fix.<\/li>\n<\/ul>\n\n\n\n<p><strong>Conclusion<\/strong><\/p>\n\n\n\n<p>CVE-2023-6532 highlights the importance of implementing proper <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-41661-unauthenticated-remote-command-execution-vulnerability-due-to-csrf-in-main-web-interface\/\"  data-wpil-monitor-id=\"61182\">CSRF protections in web<\/a> applications. The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2005-critical-vulnerability-in-the-wordpress-plugin-front-end-users-feup\/\"  data-wpil-monitor-id=\"26011\">vulnerability in the WP Blogs&#8217; Planetarium plugin<\/a> allows attackers to manipulate plugin settings through crafted requests, posing significant risks to website integrity. 
Administrators should promptly apply available patches and adhere to best security practices to mitigate such threats.<\/p>\n\n\n\n<p><strong>References<\/strong><\/p>\n\n\n\n<p><a class=\"\" href=\"https:\/\/www.rainforest.tech\/cves\/CVE-2023-6532.html\">Rainforest Technologies \u2013 CVE-2023-6532<\/a><\/p>\n\n\n\n<p><a class=\"\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-6532\">NVD \u2013 CVE-2023-6532<\/a><\/p>\n\n\n\n<p><a class=\"\" href=\"https:\/\/wpscan.com\/vulnerability\/05a730bc-2d72-49e3-a608-e4390b19e97f\">WPScan Advisory<\/a><\/p>\n\n\n\n<p><a class=\"\" href=\"https:\/\/github.com\/advisories\/GHSA-6xcx-h3hh-6q6h\">GitHub Advisory Database<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Summary Affected Products Product Affected Versions WP Blogs&#8217; Planetarium WordPress Plugin Versions \u2264 1.0 How the Exploit Works The WP Blogs&#8217; Planetarium plugin lacks proper Cross-Site Request Forgery (CSRF) checks when updating its settings. 
An attacker can exploit this vulnerability by tricking a logged-in administrator into clicking a malicious link or visiting a crafted [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[79],"product":[],"attack_vector":[90],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-19220","post","type-post","status-publish","format-standard","hentry","category-uncategorized","vendor-github","attack_vector-csrf"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/19220","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=19220"}],"version-history":[{"count":19,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/19220\/revisions"}],"predecessor-version":[{"id":54860,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/19220\/revisions\/54860"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=19220"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=19220"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=19220"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=19220"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=19220"},{"taxonomy":"attack_vector","embe
ddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=19220"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=19220"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=19220"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=19220"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
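The "Implement CSRF Protection" recommendation in the post above, worked through as an added example. This is not the WP Blogs' Planetarium plugin's code and not the patch for CVE-2023-6532; the hook name, option key, field name and settings page slug are hypothetical. It shows the unprotected admin-post handler pattern the advisory describes next to a hardened form and handler that use WordPress nonces and a capability check:

```php
<?php
/**
 * Added example (not the WP Blogs' Planetarium plugin's code).
 * The hook name, option key, field names and settings page slug are
 * hypothetical; the advisory does not publish the plugin's real handler.
 */

// BEFORE: the pattern CVE-2023-6532 describes. Shown for contrast and not hooked.
// Any POST to admin-post.php?action=... that arrives with the administrator's
// session cookie is honoured, so a form auto-submitted from an attacker's page works.
function planetarium_save_settings_unprotected() {
    $raw = ( isset( $_POST['settings'] ) && is_array( $_POST['settings'] ) )
        ? wp_unslash( $_POST['settings'] )
        : array();
    update_option( 'planetarium_settings', $raw );
    wp_safe_redirect( admin_url( 'options-general.php?page=planetarium' ) );
    exit;
}

// AFTER, part 1: render the settings form with a nonce bound to a specific action name.
// The attacker's page cannot read this value (same-origin policy), so it cannot forge it.
function planetarium_render_settings_form() {
    $current = get_option( 'planetarium_settings', array( 'feed_url' => '' ) );
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="update_planetarium_settings">
        <?php wp_nonce_field( 'planetarium_update_settings', 'planetarium_nonce' ); ?>
        <label>Feed URL
            <input type="url" name="settings[feed_url]"
                   value="<?php echo esc_attr( $current['feed_url'] ); ?>">
        </label>
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}

// AFTER, part 2: the handler requires both authorisation and a valid nonce.
add_action( 'admin_post_update_planetarium_settings', 'planetarium_save_settings' );
function planetarium_save_settings() {
    // Authorisation: a nonce is not a permission check, so test the capability as well.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'You are not allowed to change these settings.', '', array( 'response' => 403 ) );
    }

    // CSRF: check_admin_referer() verifies the nonce for this action and user and
    // stops the request (HTTP 403) if it is missing, expired or issued for another action.
    check_admin_referer( 'planetarium_update_settings', 'planetarium_nonce' );

    // Only now trust the input, and still sanitise it field by field.
    $raw = ( isset( $_POST['settings'] ) && is_array( $_POST['settings'] ) )
        ? wp_unslash( $_POST['settings'] )
        : array();
    $clean = array(
        'feed_url' => esc_url_raw( isset( $raw['feed_url'] ) ? $raw['feed_url'] : '' ),
    );
    update_option( 'planetarium_settings', $clean );

    wp_safe_redirect( add_query_arg( 'updated', '1', admin_url( 'options-general.php?page=planetarium' ) ) );
    exit;
}
```

With the hardened handler in place, the auto-submitting form from the conceptual PoC fails at `check_admin_referer()`: WordPress nonces are derived from the user ID, the session token and the action string, so a page on another origin cannot obtain or guess one for the victim's session. The capability check is kept separate because a nonce only proves the request came from a form the site rendered; it says nothing about whether that user may change the option.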