ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Social Warfare plugin <= 3.5.2 - Unauthenticated Arbitrary Settings Update vulnerability

Product
Social Warfare
Description
Unauthenticated Arbitrary Settings Update vulnerability found in WordPress Social Warfare plugin (versions <= 3.5.2).
Solution
Update the WordPress Social Warfare plugin to the latest available version (at least 3.5.3).
Classification
Type BYPASS
OWASP Top 10 A7: Missing Function Level Access Control
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 3.5.2
Fixed In 3.5.3
Disclosure date
2019-03-22
Submitter
ThreatPress