ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Private Content Plus plugin <= 1.31 - Unauthenticated Options Change vulnerability

Product
WP Private Content Plus
Description
Unauthenticated Options Change vulnerability found in WordPress WP Private Content Plus plugin (versions <= 1.31).
Solution
Update the WordPress WP Private Content Plus plugin to the latest available version (at least 2.0).
Classification
Type BYPASS
OWASP Top 10 A7: Missing Function Level Access Control
References
Vulnerability details
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 1.31
Fixed In 2.0
Disclosure date
2019-08-27
Submitter
ThreatPress