ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Login or Logout Menu Item plugin <= 1.1.1 - Unauthenticated Options Change vulnerability

Product
Login or Logout Menu Item
Description
Unauthenticated Options Change vulnerability found by Jerome Bruandet (Nintechnet) in WordPress Login or Logout Menu Item plugin (versions <= 1.1.1).
Solution
Update the WordPress Login or Logout Menu Item plugin to the latest available version (at least 1.2.0)
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.1.1
Fixed In 1.2.0
Disclosure date
2019-08-08
Credits
Jerome Bruandet (Nintechnet)
Submitter
ThreatPress