Back
WordPress YITH WooCommerce Zoom Magnifier plugin <=1.3.11 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability
- Product
- YITH WooCommerce Zoom Magnifier
- Description
- Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Zoom Magnifier plugin (versions <=1.3.11).
- Solution
- Update the WordPress YITH WooCommerce Zoom Magnifier plugin to the latest available version (at least 1.3.12).
- Classification
-
Type Unknown
OWASP Top 10 A2: Broken Authentication and Session Management
- References
-
Plugin changelog
- CVE
- Name CVE-2019-16251
- Versions
-
Affected In
<=1.3.11
Fixed In 1.3.12
- Disclosure date
- 2019-10-31
- Credits
- Jerome Bruandet (Nintechnet)
- Submitter
- ThreatPress