CVE-2023-46775

8.8 HIGH

📋 TL;DR

This Cross-Site Request Forgery (CSRF) vulnerability in the Djo Original texts Yandex WebMaster WordPress plugin allows attackers to trick authenticated administrators into performing unintended actions. An attacker can craft a malicious request that is submitted when an administrator visits an attacker-controlled page, potentially modifying plugin settings or performing other administrative actions. WordPress sites running vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • Djo Original texts Yandex WebMaster WordPress plugin
Versions: <= 1.18
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with the vulnerable plugin enabled and an authenticated admin user.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could modify plugin settings, potentially affecting site functionality or SEO settings, and could chain this with other vulnerabilities for more severe impact.

🟠 Likely Case

Attackers trick administrators into changing plugin configurations, potentially affecting Yandex WebMaster integration or site settings.

🟢 If Mitigated

With proper CSRF protections and admin awareness, impact is minimal, as requests require admin authentication and user interaction.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

CSRF attacks typically require social engineering to trick authenticated users into visiting malicious pages.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: >1.18

Vendor Advisory: https://patchstack.com/database/vulnerability/original-texts-yandex-webmaster/wordpress-original-texts-yandex-webmaster-plugin-1-18-cross-site-request-forgery-csrf-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find 'Original texts Yandex WebMaster'.
4. Click 'Update Now' if available, or download the latest version from the WordPress repository.
5. Activate the updated plugin.

🔧 Temporary Workarounds

Disable Plugin (platform: all)

Temporarily disable the vulnerable plugin until patched:

wp plugin deactivate original-texts-yandex-webmaster

Implement CSRF Protection (platform: all)

Add CSRF tokens to the plugin's forms if you maintain a customized copy of it.

🧯 If You Can't Patch

  • Educate administrators about CSRF risks and safe browsing practices
  • Implement web application firewall rules to detect CSRF patterns

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Original texts Yandex WebMaster > Version. If the version is 1.18 or lower, the site is vulnerable.

Check Version:

wp plugin get original-texts-yandex-webmaster --field=version

Verify Fix Applied:

After update, verify plugin version is >1.18 in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to plugin admin endpoints whose Referer header is missing or points to another site
  • Multiple failed CSRF token validations

Network Indicators:

  • HTTP requests with missing or mismatched CSRF tokens to plugin endpoints

SIEM Query:

source="wordpress" AND (uri_path="/wp-admin/admin.php" AND query_string="page=original-texts-yandex-webmaster") AND http_method="POST" AND NOT referrer CONTAINS site_domain
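The same heuristic as the SIEM query above, applied to web-server access logs, as an added example that is not part of the advisory: it flags POST requests to admin.php?page=original-texts-yandex-webmaster whose Referer is absent or names a host other than the site's own. The log lines are constructed samples in combined log format, and example.com / evil.example.net are placeholder hosts.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache/nginx combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Nov/2023:14:01:02 +0000] "POST /wp-admin/admin.php?page=original-texts-yandex-webmaster HTTP/1.1" 200 512 "https://example.com/wp-admin/admin.php?page=original-texts-yandex-webmaster" "Mozilla/5.0"
203.0.113.7 - - [10/Nov/2023:14:02:10 +0000] "POST /wp-admin/admin.php?page=original-texts-yandex-webmaster HTTP/1.1" 200 512 "https://evil.example.net/lure.html" "Mozilla/5.0"
203.0.113.7 - - [10/Nov/2023:14:03:30 +0000] "POST /wp-admin/admin.php?page=original-texts-yandex-webmaster HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Nov/2023:14:04:00 +0000] "GET /wp-admin/admin.php?page=original-texts-yandex-webmaster HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Nov/2023:14:05:00 +0000] "POST /wp-admin/options.php HTTP/1.1" 302 0 "https://evil.example.net/lure.html" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

PLUGIN_PAGE = "original-texts-yandex-webmaster"  # admin page name from the SIEM query

def is_suspicious(method, target, referer, site_host):
    """Same rule as the SIEM query: a POST to the plugin's admin page whose
    Referer is absent or belongs to a different host than the site itself."""
    if method != "POST":
        return False
    parts = urlsplit(target)
    if parts.path != "/wp-admin/admin.php":
        return False
    if parse_qs(parts.query).get("page") != [PLUGIN_PAGE]:
        return False
    if referer in ("", "-"):
        return True  # no Referer at all: flag, but this also has benign causes
    return urlsplit(referer).hostname != site_host

def find_suspicious(log_text, site_host):
    """Return (timestamp, client IP, referer) for every matching log line."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        if is_suspicious(m["method"], m["target"], m["referer"], site_host):
            hits.append((m["ts"], m["ip"], m["referer"]))
    return hits

if __name__ == "__main__":
    for ts, ip, ref in find_suspicious(SAMPLE_LOG, "example.com"):
        print(f"{ts} {ip} referer={ref!r}")
```

A missing Referer is also produced by browser privacy settings and Referrer-Policy headers, so treat hits as leads to correlate with actual plugin settings changes rather than as proof of an attack.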
