ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Affiliate Disclosure plugin <=1.1.3 - Authenticated Option Update vulnerability (Fremius Library security issue)

Product
WP Affiliate Disclosure
Description
Authenticated Option Update vulnerability (Fremius Library security issue) found in WordPress WP Affiliate Disclosure plugin (versions <=1.1.3).
Solution
Update the WordPress WP Affiliate Disclosure plugin to the latest available version (at least 1.1.4).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Security issue description
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=1.1.3
Fixed In 1.1.4
Disclosure date
2019-03-05
Submitter
ThreatPress