ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WooCommerce Category Banner Management plugin <= 1.1.0 - Unauthenticated Settings Change Vulnerability

Product
Download Woocommerce Category Banner Management
Description
Unauthenticated Settings Change Vulnerability found by ThreatPress Research Team in WordPress WooCommerce Category Banner Management plugin (versions <= 1.1.0).
Solution
Update the WordPress WooCommerce Category Banner Management plugin to the latest available version (at least 1.1.1).
Classification
Type BYPASS
OWASP Top 10 A7: Missing Function Level Access Control
References
Vulnerability description
Plugin changelog
CVE
Name CVE-2018-11579
Versions
Affected In <= 1.1.0
Fixed In 1.1.1
Disclosure date
2018-06-03
Credits
ThreatPress
Submitter
ThreatPress