CVE-2023-4729

MEDIUM

Ladipage < 4.4 - CSRF

Title source: rule

Description

The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the publish_lp() function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to change the LadiPage key (a key fully controlled by the attacker), enabling them to freely create new pages, including web pages that trigger stored XSS via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

References (2)

Core 2

Core References

Product

https://plugins.trac.wordpress.org/browser/ladipage/trunk/ladipage.php#L1992

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/db707507-c53f-45b8-a8e1-7fea1c6f8f3c?source=cve

Scores

CVSS v3 4.3

EPSS 0.0021

EPSS Percentile 11.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-352

Status published

Products (2)

binhnguyenplus/LadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… < 4.4

ladipage/ladipage < 4.4

Published Mar 12, 2024

Tracked Since Feb 18, 2026