ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Social Sharing Plugin – Kiwi plugin <= 2.0.10 - Update Any Option (bypass) vulnerability

Product
Social Sharing Plugin – Kiwi
Description
Bypass (update any option) vulnerability found in WordPress Social Sharing Plugin – Kiwi plugin (versions <= 2.0.10).
Solution
Update the WordPress Social Sharing Plugin – Kiwi plugin to the latest available version (at least 2.0.11).
Classification
Type BYPASS
OWASP Top 10 A7: Missing Function Level Access Control
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.10
Fixed In 2.0.11
Disclosure date
2018-12-07
Submitter
ThreatPress