The LoginPress plugin before 1.1.4 for WordPress has no capability check for updates to settings.
References
Link | Resource |
---|---|
https://www.webarxsecurity.com/loginpress-plugin/ | Exploit Third Party Advisory |
https://wordpress.org/plugins/loginpress/#developers | Release Notes Third Party Advisory |
Configurations
Information
Published : 2019-09-03 06:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-15871
Mitre link : CVE-2019-15871
JSON object : View
CWE
CWE-862
Missing Authorization
Products Affected
wpbrigade
- loginpress