CVE-2023-7048 in My Sticky Bar Plugin

Summary

by MITRE • 01/11/2024

The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.6. This is due to missing or incorrect nonce validation in mystickymenu-contact-leads.php. This makes it possible for unauthenticated attackers to trigger the export of a CSV file containing contact leads via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Because the CSV file is exported to a public location, it can be downloaded during a very short window of time before it is automatically deleted by the export function.


Analysis

by VulDB Data Team • 04/11/2026

The vulnerability identified as CVE-2023-7048 affects the My Sticky Bar plugin for WordPress, specifically targeting versions up to and including 2.6.6. This represents a critical cross-site request forgery weakness that undermines the security posture of affected WordPress installations. The flaw resides within the mystickymenu-contact-leads.php file where proper nonce validation mechanisms are either absent or improperly implemented, creating a significant attack vector for malicious actors seeking to exploit the plugin's contact lead export functionality.

The technical implementation of this vulnerability stems from the absence of proper authentication checks and nonce validation within the plugin's export mechanism. A nonce is a cryptographic value that ensures requests originate from legitimate sources and prevents unauthorized actions from being executed on behalf of authenticated users. In this case, the plugin fails to verify that export requests are legitimate and properly authorized, allowing attackers to craft malicious requests that can be executed when an administrator interacts with compromised content. This weakness directly aligns with CWE-352, which defines Cross-Site Request Forgery as a security vulnerability that enables attackers to perform actions on behalf of authenticated users without their knowledge or consent.

The operational impact of this vulnerability extends beyond simple data exposure, as it creates a window of opportunity for attackers to harvest sensitive contact information from WordPress sites. When an administrator clicks on a malicious link or visits a compromised webpage, the forged request can trigger an automated CSV export containing contact leads from the site. These exported files are stored in publicly accessible locations and remain available for download during a brief time frame before automatic deletion occurs, creating a narrow but exploitable window for data theft. The vulnerability is particularly concerning because it does not require authentication from the attacker, making it an unauthenticated attack vector that can be executed through social engineering techniques.
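To make the two defects described above concrete (missing nonce validation, and an export written to a public path), here is an added illustration of how a WordPress export handler enforces the missing controls. It is not My Sticky Bar's code; every hook, function and parameter name is hypothetical, and the lead data is constructed. It checks a capability, verifies the nonce with check_admin_referer(), and streams the CSV straight to the authenticated requester so no world-readable file ever exists:

```php
<?php
// Added illustration, not My Sticky Bar's code: hook and function names are hypothetical.
// It shows an export handler that enforces what the advisory says is missing.

add_action( 'admin_post_msb_export_leads', 'msb_handle_export_leads' );

function msb_handle_export_leads() {
    // Capability check: exporting leads is an administrative action.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }

    // Nonce check (the control missing or incorrect in the vulnerable versions).
    // A cross-site forged request cannot carry a valid nonce for this action,
    // and check_admin_referer() stops execution if verification fails.
    check_admin_referer( 'msb_export_leads', '_msb_nonce' );

    // Stream the CSV to the authenticated requester rather than writing it
    // to a world-readable path and deleting it later; no public download window.
    header( 'Content-Type: text/csv; charset=utf-8' );
    header( 'Content-Disposition: attachment; filename="contact-leads.csv"' );
    $out = fopen( 'php://output', 'w' );
    fputcsv( $out, array( 'email', 'created' ) );
    foreach ( msb_get_leads() as $lead ) {
        fputcsv( $out, array( $lead['email'], $lead['created'] ) );
    }
    fclose( $out );
    exit;
}

// The admin-page link must carry the matching nonce; wp_nonce_url() appends it.
function msb_export_leads_link() {
    $url = wp_nonce_url(
        admin_url( 'admin-post.php?action=msb_export_leads' ),
        'msb_export_leads',
        '_msb_nonce'
    );
    return '<a class="button" href="' . esc_url( $url ) . '">Export leads</a>';
}

// Constructed sample data standing in for the plugin's lead storage.
function msb_get_leads() {
    return array(
        array( 'email' => 'alice@example.com', 'created' => '2023-12-01' ),
        array( 'email' => 'bob@example.com',   'created' => '2023-12-02' ),
    );
}
```

A request that reaches admin-post.php without the nonce produced by wp_nonce_url() for this action is rejected before any data is touched, which is exactly the check a forged link from another site cannot satisfy.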

Security practitioners should note that this vulnerability represents a significant risk to organizations relying on WordPress platforms with the affected plugin installed. The attack requires minimal technical expertise and can be executed through simple social engineering tactics, making it particularly dangerous in environments where administrators may be less security-aware. The automatic deletion mechanism of the export function does not provide sufficient protection against exploitation, as the brief window of availability is typically sufficient for attackers to download the sensitive data. Organizations should implement immediate mitigations including plugin updates to versions that address the nonce validation issues, and consider implementing additional security measures such as web application firewalls and monitoring for suspicious export activities.

The broader implications of this vulnerability highlight the importance of proper input validation and authentication mechanisms in WordPress plugins, particularly those handling sensitive data operations. This issue demonstrates how seemingly minor implementation flaws in plugin development can create significant security risks for entire WordPress ecosystems. From an ATT&CK framework perspective, this vulnerability maps to techniques involving credential harvesting and data extraction, potentially enabling further attacks through the compromised contact information. Organizations should conduct comprehensive vulnerability assessments to identify other plugins with similar nonce validation issues and implement robust security practices including regular plugin updates, security audits, and user education to prevent successful exploitation of such vulnerabilities.

Responsible: Wordfence

Reservation: 12/21/2023

Disclosure: 01/11/2024

Moderation: accepted

CPE: ready

EPSS: 0.00211

KEV: no

Activities: very low

Sources
