ThreatPress

WordPress Vulnerabilities Database

Back

WordPress ND Shortcodes For Visual Composer plugin <= 5.8 - Unauthenticated WP Options Update vulnerability

Product
ND Shortcodes For Visual Composer
Description
Unauthenticated WP Options Update vulnerability found in WordPress ND Shortcodes For Visual Composer plugin (versions <= 5.8).
Solution
Update the WordPress ND Shortcodes For Visual Composer plugin to the latest available version (at least 5.9.1).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 5.8
Fixed In 5.9.1
Disclosure date
2019-07-31
Submitter
ThreatPress