CVE-2021-20851

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in the Browser and Operating System Finder WordPress plugin allows attackers to trick administrators into performing unintended actions. An attacker who lures an authenticated administrator to a malicious page can submit forged requests that ride the administrator's session to modify plugin settings or potentially perform other administrative actions. All WordPress sites using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • Browser and Operating System Finder WordPress Plugin
Versions: All versions prior to 1.2
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress administrator to be logged in and visit a malicious page while authenticated.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete site compromise through administrator account takeover, allowing attackers to install backdoors, modify content, or escalate privileges.

🟠 Likely Case

Unauthorized plugin configuration changes, potential data manipulation, or limited administrative actions performed without consent.

🟢 If Mitigated

No impact if proper CSRF protections are implemented or the plugin is updated.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires social engineering to trick administrators into clicking malicious links while authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.2

Vendor Advisory: https://wordpress.org/plugins/browser-and-operating-system-finder/

Restart Required: No

Instructions:

1. Log into WordPress admin panel
2. Navigate to Plugins → Installed Plugins
3. Find 'Browser and Operating System Finder'
4. Click 'Update Now' if available
5. If no update button, download version 1.2+ from WordPress repository
6. Deactivate old version, upload new version, activate

🔧 Temporary Workarounds

CSRF Protection Implementation (platform: all)

Add CSRF tokens to plugin forms and validate them on submission.
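The workaround above is what a WordPress nonce gives you. The following is an added example, not code from the plugin or from this advisory: a settings handler written first in the unprotected pattern that CSRF relies on, then hardened with a capability check and a nonce. The option name `bosf_display_mode`, the action name `bosf_save_settings` and the `bosf_example_*` function names are assumptions for illustration; the WordPress functions used (`wp_nonce_field`, `check_admin_referer`, `current_user_can`, `update_option`) are real core APIs.

```php
<?php
// Added example (not the plugin's code). Names prefixed bosf_example_ and the
// option/action names are assumptions for illustration.

// Unprotected pattern: any POST carrying the field is honoured, so a form
// submitted from a third-party page by a logged-in admin changes the option.
function bosf_example_save_settings_unprotected() {
    if ( isset( $_POST['bosf_display_mode'] ) ) {
        update_option( 'bosf_display_mode', sanitize_text_field( wp_unslash( $_POST['bosf_display_mode'] ) ) );
    }
}

// Hardened pattern, step 1: render the form with a nonce bound to one action.
function bosf_example_render_form() {
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    wp_nonce_field( 'bosf_save_settings', 'bosf_nonce' );
    echo '<input type="hidden" name="action" value="bosf_save_settings">';
    echo '<input type="text" name="bosf_display_mode" value="' . esc_attr( get_option( 'bosf_display_mode', 'footer' ) ) . '">';
    submit_button( 'Save' );
    echo '</form>';
}

// Hardened pattern, step 2: verify capability and nonce before touching options.
function bosf_example_save_settings_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }
    // check_admin_referer() dies with a 403 when the nonce is missing or invalid;
    // a cross-site page cannot read the nonce, so a forged request fails here.
    check_admin_referer( 'bosf_save_settings', 'bosf_nonce' );

    $mode = isset( $_POST['bosf_display_mode'] )
        ? sanitize_text_field( wp_unslash( $_POST['bosf_display_mode'] ) )
        : 'footer';
    update_option( 'bosf_display_mode', $mode );

    wp_safe_redirect( add_query_arg( 'updated', '1', wp_get_referer() ) );
    exit;
}
add_action( 'admin_post_bosf_save_settings', 'bosf_example_save_settings_hardened' );
```

The nonce is tied to the logged-in user and to the action string, and WordPress rotates it every 12 hours, so the check also rejects replays of an old form. Keep the capability check as well: a nonce proves the request came from a page the site rendered, not that the user is allowed to perform the action.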

Plugin Deactivation (platform: linux)

Temporarily disable the vulnerable plugin until patched:

wp plugin deactivate browser-and-operating-system-finder

🧯 If You Can't Patch

  • Implement web application firewall with CSRF protection rules
  • Restrict administrator access to trusted networks only

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Browser and Operating System Finder version number

Check Version:

wp plugin get browser-and-operating-system-finder --field=version

Verify Fix Applied:

Confirm plugin version is 1.2 or higher in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • Unexpected plugin configuration changes
  • Administrative actions from unusual IP addresses

Network Indicators:

  • POST requests to plugin admin endpoints whose Referer (or Origin) header is missing or points to a site other than your own
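The network indicator above can be checked against ordinary web-server access logs. The following is an added example, not part of this advisory: it parses Apache "combined" format lines and flags POSTs to `/wp-admin/` whose Referer is absent or from a foreign host. The log lines are constructed for the example and the host `example-site.test` is an assumed value for the monitored site.

```php
<?php
// Added example (not from the advisory): flag cross-site POSTs to wp-admin
// in Apache combined-format access logs. Sample lines below are constructed.

const BOSF_EXPECTED_HOST = 'example-site.test'; // assumption: the site's own host

$sample_log = <<<'LOG'
203.0.113.5 - - [10/Mar/2021:10:01:02 +0000] "POST /wp-admin/admin-post.php HTTP/1.1" 302 0 "https://example-site.test/wp-admin/options-general.php?page=bosf" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2021:10:05:44 +0000] "POST /wp-admin/admin-post.php HTTP/1.1" 302 0 "https://attacker.invalid/lure.html" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2021:10:06:01 +0000] "POST /wp-admin/options.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2021:10:07:10 +0000] "GET /wp-admin/plugins.php HTTP/1.1" 200 5120 "https://example-site.test/wp-admin/" "Mozilla/5.0"
LOG;

// Parse one combined-format line into its fields; null if the line does not match.
function bosf_parse_combined_line( string $line ): ?array {
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"$/';
    if ( ! preg_match( $re, $line, $m ) ) {
        return null;
    }
    return [
        'ip'      => $m[1],
        'time'    => $m[2],
        'method'  => $m[3],
        'path'    => $m[4],
        'status'  => (int) $m[5],
        'referer' => $m[6],
    ];
}

// A state-changing admin request should carry a Referer from the site itself.
function bosf_is_suspicious_admin_post( array $entry, string $expected_host ): bool {
    if ( $entry['method'] !== 'POST' || strpos( $entry['path'], '/wp-admin/' ) !== 0 ) {
        return false;
    }
    $referer = $entry['referer'];
    if ( $referer === '' || $referer === '-' ) {
        return true; // no Referer at all on a POST to wp-admin
    }
    $host = parse_url( $referer, PHP_URL_HOST );
    return strcasecmp( (string) $host, $expected_host ) !== 0;
}

function bosf_find_suspicious( string $log, string $expected_host ): array {
    $hits = [];
    foreach ( preg_split( '/\R/', trim( $log ) ) as $line ) {
        $entry = bosf_parse_combined_line( $line );
        if ( $entry !== null && bosf_is_suspicious_admin_post( $entry, $expected_host ) ) {
            $hits[] = $entry;
        }
    }
    return $hits;
}

// Run against the constructed sample: lines 2 and 3 are reported.
foreach ( bosf_find_suspicious( $sample_log, BOSF_EXPECTED_HOST ) as $hit ) {
    printf( "ALERT %s %s %s referer=%s\n", $hit['time'], $hit['ip'], $hit['path'], $hit['referer'] );
}
```

Treat a missing Referer as a triage signal rather than a verdict: some browsers and privacy extensions strip it on every request, so correlate these hits with the configuration-change indicators listed under Log Indicators before raising an incident. A Referer from a foreign host on a wp-admin POST is the stronger signal.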

SIEM Query:

source="wordpress" AND (plugin="browser-and-operating-system-finder" AND version<1.2)
