CVE-2023-44475 in Add Shortcodes Actions and Filters Plugininfo

Summary

by MITRE • 10/25/2023

Cross-Site Request Forgery (CSRF) vulnerability in Michael Simpson Add Shortcodes Actions And Filters plugin <= 2.0.9 versions.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 12/30/2025

The CVE-2023-44475 vulnerability represents a critical cross-site request forgery flaw discovered in the Michael Simpson Add Shortcodes Actions And Filters WordPress plugin, affecting versions up to and including 2.0.9. This vulnerability stems from the plugin's insufficient validation of user requests, allowing malicious actors to execute unauthorized actions on behalf of authenticated users. The issue arises from the plugin's failure to implement proper CSRF protection mechanisms, specifically the absence of anti-forgery tokens in critical administrative functions. Attackers can exploit this weakness by crafting malicious requests that appear to originate from legitimate administrative users, potentially leading to unauthorized modifications of plugin settings, data manipulation, or privilege escalation within the affected WordPress environment.

The technical implementation of this vulnerability occurs through the plugin's handling of administrative AJAX requests and form submissions. When authenticated users interact with the plugin's administrative interfaces, the system should verify that requests originate from legitimate sources through the use of unique tokens or other validation mechanisms. However, the vulnerable plugin versions lack these protective measures, making it possible for attackers to leverage existing user sessions to perform unauthorized operations. The flaw operates at the application layer and specifically targets the plugin's administrative functionality, where users with appropriate privileges can modify shortcode configurations, adjust plugin settings, or potentially access restricted content. This vulnerability is particularly concerning as it requires minimal user interaction from the victim beyond having an active session with administrative privileges.

The operational impact of this vulnerability extends beyond simple data manipulation to potentially compromise entire WordPress installations. An attacker exploiting this CSRF flaw could alter plugin configurations, inject malicious shortcodes, modify user permissions, or even gain deeper access to the WordPress administration panel. The vulnerability particularly affects sites where administrators frequently interact with the plugin's administrative interfaces, as the attack requires only that a victim visits a malicious page while authenticated. This makes the exploit particularly dangerous in environments where administrators may inadvertently browse compromised websites or receive phishing emails. The attack vector allows for persistent exploitation and could enable attackers to maintain access to compromised systems, potentially leading to data breaches, site defacement, or further exploitation of the WordPress environment.

Mitigation strategies for CVE-2023-44475 should prioritize immediate plugin updates to versions that include proper CSRF protection mechanisms. Organizations should implement comprehensive patch management processes to ensure all WordPress plugins remain current with security updates, particularly those with administrative functionality. The implementation of additional security measures such as web application firewalls, proper session management, and regular security audits can provide layered protection against similar vulnerabilities. Security professionals should also consider implementing monitoring solutions that can detect unauthorized administrative activities or unusual pattern of plugin modifications. According to CWE guidelines, this vulnerability aligns with CWE-352, which specifically addresses cross-site request forgery weaknesses, and may also relate to CWE-284, concerning improper access control. From an ATT&CK framework perspective, this vulnerability maps to techniques involving privilege escalation and persistence through web application exploitation, potentially enabling adversaries to establish long-term access to compromised systems. Organizations should also conduct regular vulnerability assessments and penetration testing to identify and remediate similar weaknesses in their web application infrastructure.

Responsible

Patchstack

Reservation

09/29/2023

Disclosure

10/25/2023

Moderation

accepted

CPE

ready

EPSS

0.00216

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!