ThreatPress

WordPress Vulnerabilities Database

Back

WordPress BuddyForms plugin <= 2.3.1 - Authenticated Option Update vulnerability (Fremius Library security issue)

Product
BuddyForms
Description
Authenticated Option Update vulnerability (Fremius Library security issue) found in WordPress BuddyForms plugin (versions <= 2.3.1).
Solution
Update the WordPress BuddyForms plugin to the latest available version (at least 2.3.2).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Security issue description
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.3.1
Fixed In 2.3.2
Disclosure date
2019-03-05
Submitter
ThreatPress