## https://sploitus.com/exploit?id=WPEX-ID:5D52B68F-FACA-4572-BB84-ECB733EECBE7
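Just don't send the nonce parameter ($_POST['nonce'] or $_REQUEST['nonce']): both checks below call wp_verify_nonce() only when the parameter is set, so a request without it skips verification.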
=================================
File: redux-core/inc/classes/class-redux-admin-notices.php
// The nonce is verified only when $_POST['nonce'] is present.
if ( isset( $_POST['nonce'] ) && ! wp_verify_nonce( sanitize_key( wp_unslash( $_POST['nonce'] ) ), $id . $userid . 'nonce' ) ) {
    die( 0 );
}
=================================
File: redux-core/inc/classes/class-redux-ajax-save.php
Content:
// The nonce is verified only when $_REQUEST['nonce'] is present.
if ( isset( $_REQUEST['nonce'] ) && ! wp_verify_nonce( sanitize_key( wp_unslash( $_REQUEST['nonce'] ) ), 'redux_ajax_nonce' . $this->args['opt_name'] ) ) {
    echo wp_json_encode(...
    die();
}
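The guard pattern from both files next to a hardened form that treats a missing nonce like an invalid one, as an added example that is not Redux's own code or its actual patch. The function names, the `demo_opt` option name, the test key and the stand-in WordPress functions are assumptions made so the script runs outside WordPress.

```php
<?php
// Stand-ins so the script runs offline; inside WordPress, core provides these.
if ( ! function_exists( 'wp_verify_nonce' ) ) {
    function wp_unslash( $v ) { return stripslashes( $v ); }
    function sanitize_key( $k ) { return preg_replace( '/[^a-z0-9_\-]/', '', strtolower( $k ) ); }
    // Constructed stand-in: one fixed token per action, not the real nonce algorithm.
    function demo_nonce( $action ) {
        return substr( hash_hmac( 'sha256', $action, 'constructed-test-key' ), 0, 10 );
    }
    function wp_verify_nonce( $nonce, $action ) {
        return hash_equals( demo_nonce( $action ), (string) $nonce );
    }
}

// Pattern shown on the page: verification runs only if 'nonce' is present.
function guard_as_published( array $req, $action ) {
    if ( isset( $req['nonce'] ) && ! wp_verify_nonce( sanitize_key( wp_unslash( $req['nonce'] ) ), $action ) ) {
        return false; // the handler would die() here
    }
    return true; // the handler continues
}

// Hardened form: an absent nonce is rejected exactly like an invalid one.
function guard_hardened( array $req, $action ) {
    if ( ! isset( $req['nonce'] ) || ! wp_verify_nonce( sanitize_key( wp_unslash( $req['nonce'] ) ), $action ) ) {
        return false;
    }
    return true;
}

$action = 'redux_ajax_nonce' . 'demo_opt'; // 'demo_opt' is a constructed opt_name
$cases  = array(                           // constructed sample requests
    'valid nonce'   => array( 'nonce' => demo_nonce( $action ) ),
    'wrong nonce'   => array( 'nonce' => '0000000000' ),
    'nonce omitted' => array(),
);
foreach ( $cases as $label => $req ) {
    printf(
        "%-14s published=%-8s hardened=%s\n",
        $label,
        guard_as_published( $req, $action ) ? 'allowed' : 'blocked',
        guard_hardened( $req, $action ) ? 'allowed' : 'blocked'
    );
}
```

The two guards differ only on the `nonce omitted` row, which is the case a regression test for these handlers should cover.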