ThreatPress

WordPress Vulnerabilities Database

Back

WordPress iThemes Sync plugin <= 2.0.17 - Insufficient Secure Key Validation vulnerability

Product
iThemes Sync
Description
Insufficient Secure Key Validation vulnerability found in WordPress iThemes Sync plugin (versions <= 2.0.17).
Solution
Update the WordPress iThemes Sync plugin to the latest available version (at least 2.0.18).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.17
Fixed In 2.0.18
Disclosure date
2019-10-10
Credits
iThemes
Submitter
ThreatPress