S4E

CVE-2023-23897 Scanner

CVE-2023-23897 Scanner - Cross-Site Request Forgery vulnerability in Ozette Plugins - Simple Mobile URL Redirect

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 20 days 7 hours
Scan only one: Domain, Subdomain, IPv4


The Simple Mobile URL Redirect plugin by Ozette is used to manage mobile redirects on WordPress websites. Administrators and developers utilize this plugin for efficiently managing how their sites redirect mobile users to specific URLs. It's particularly popular among websites needing to present mobile users with a distinct set of pages or structure, differing from desktop versions. This plugin enables seamless user experience by automating redirects based on device type. It is crucial for ensuring that mobile audiences receive content optimized for smaller screens or mobile-specific interactions. Users and site administrators employ it to maintain a coherent redirection strategy without manual coding efforts.

Cross-Site Request Forgery (CSRF) is a vulnerability that lets an attacker cause an authenticated user's browser to submit requests the user never intended. In the context of the Simple Mobile URL Redirect plugin, it enables attackers to change mobile redirect settings without the administrator's consent. The attack abuses the trust a site places in a user's browser: because the browser automatically attaches the administrator's session cookie, a request triggered while the administrator is tricked into visiting an attacker-controlled page is processed as if the administrator had made it deliberately. CSRF vulnerabilities typically result in altered user experiences, unauthorized administrative actions, or both; attackers use them to force unintended state changes on servers where the victim holds permissions.

The vulnerability in the Simple Mobile URL Redirect plugin lies in its redirect management endpoints. An attacker can craft a POST request that targets the plugin's options page in WordPress and causes unwanted changes to the redirect configuration. This is possible because earlier versions of the plugin do not apply CSRF protections to that handler. Parameters in the HTTP request, such as 'mobileurl' and 'mobiletoggle', can be set to arbitrary values to produce different redirect outcomes. The crafted request looks like a legitimate settings change; since the victim's browser supplies the authentication, the attacker needs neither credentials nor any intent on the administrator's part.
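To make the missing protection concrete, here is an added illustration (not the plugin's own code, and not a description of its actual handler) of a minimal WordPress settings handler for two hypothetical options named after the request parameters above, 'mobileurl' and 'mobiletoggle'. The first function shows the unprotected pattern the description implies: any POST that carries the parameters is written to the database. The second shows the standard WordPress defence: a capability check, a nonce check (WordPress's CSRF token), and input sanitisation. All function and option names prefixed smr_example_ are assumptions for the example.

```php
<?php
// Added example, not the plugin's code. Two hypothetical options:
// 'mobileurl' (redirect target) and 'mobiletoggle' (on/off flag).

// --- Unprotected pattern: trusts any POST, no nonce, no capability check ---
// A forged request from another site, sent by a logged-in admin's browser,
// is indistinguishable from a legitimate save and is applied as-is.
function smr_example_save_settings_unprotected() {
    if ( isset( $_POST['mobileurl'] ) ) {
        update_option( 'smr_example_mobileurl', $_POST['mobileurl'] );
        update_option( 'smr_example_mobiletoggle', isset( $_POST['mobiletoggle'] ) ? 1 : 0 );
    }
}

// --- Hardened pattern: form carries a nonce, handler verifies it ---
function smr_example_render_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <?php wp_nonce_field( 'smr_example_save', 'smr_example_nonce' ); ?>
        <input type="hidden" name="action" value="smr_example_save">
        <input type="url" name="mobileurl"
               value="<?php echo esc_attr( get_option( 'smr_example_mobileurl', '' ) ); ?>">
        <label>
            <input type="checkbox" name="mobiletoggle" value="1"
                   <?php checked( 1, (int) get_option( 'smr_example_mobiletoggle', 0 ) ); ?>>
            Enable mobile redirect
        </label>
        <?php submit_button( 'Save' ); ?>
    </form>
    <?php
}

function smr_example_save_settings_hardened() {
    // 1. Capability: only users allowed to manage options may change them.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', '', array( 'response' => 403 ) );
    }

    // 2. Nonce: proves the request originated from a form this site rendered
    //    for this user. A cross-site forged request cannot supply a valid one,
    //    so check_admin_referer() stops the request here.
    check_admin_referer( 'smr_example_save', 'smr_example_nonce' );

    // 3. Validate and sanitise before storing: only http/https targets are kept.
    $url = isset( $_POST['mobileurl'] )
        ? esc_url_raw( wp_unslash( $_POST['mobileurl'] ), array( 'http', 'https' ) )
        : '';
    $toggle = ! empty( $_POST['mobiletoggle'] ) ? 1 : 0;

    update_option( 'smr_example_mobileurl', $url );
    update_option( 'smr_example_mobiletoggle', $toggle );

    wp_safe_redirect( add_query_arg( 'updated', '1', wp_get_referer() ) );
    exit;
}
add_action( 'admin_post_smr_example_save', 'smr_example_save_settings_hardened' );
```

Plugins that use the WordPress Settings API instead of a custom handler (register_setting() plus settings_fields() in a form posting to options.php) get the same nonce check for free, because options.php verifies the nonce that settings_fields() emits; the CSRF gap arises when a plugin processes $_POST itself and skips check_admin_referer() or wp_verify_nonce().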

If exploited, this CSRF vulnerability allows malicious actors to alter site redirect settings, potentially sending mobile traffic to malicious sites. Such manipulation undermines user security by facilitating phishing attacks or data interception. It also compromises the integrity of the site's content management, leading to discrepancies in what is delivered across devices. Repeated exploitation may erode user trust, as redirected content becomes unpredictable. In environments that depend on precise mobile content delivery, this can cause significant operational disruption or reputational harm.
