ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Hybrid Composer plugin <= 1.4.6 - Unauthenticated Options Update vulnerability

Product
Hybrid Composer
Description
Unauthenticated Options Update vulnerability found by rootetsy in WordPress Hybrid Composer plugin (versions <= 1.4.6).
Solution
Update the WordPress Hybrid Composer plugin to the latest available version (at least 1.4.7).
Classification
Type BYPASS
References
Plugin page
CVE
Name CVE-N/A
Versions
Affected In <= 1.4.6
Fixed In 1.4.7
Disclosure date
2019-07-13
Credits
rootetsy
Submitter
ThreatPress