ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Rich Reviews plugin <= 1.7.4 - Unauthenticated Plugin Options Update vulnerability

Product
Rich Reviews
Description
Unauthenticated Plugin Options Update vulnerability found in WordPress Rich Reviews plugin (versions <= 1.7.4).
Solution
This plugin has been closed as of March 11, 2019 and is not available for download. Reason: Security Issue.
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.7.4
Disclosure date
2019-09-25
Submitter
ThreatPress