ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Yuzo Related Posts plugin <=5.12.91 - Broken authentication

Product
Yuzo Related Posts
Description
Broken authentication and session management allows unauthenticated call any action or update any option on WordPress Yuzo Related Posts plugin (versions <=5.12.91).
Solution
10 April 2019 - this plugin was closed and is no longer available for download.
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=5.12.91
Disclosure date
2019-04-10
Submitter
ThreatPress