Social Sharing Plugin – Kiwi <= 2.0.10 - Update Any Option

Affects Plugin

fixed in version 2.0.11

References

URL https://blog.nintechnet.com/critical-vulnerability-in-wordpress-kiwi-social-sharing-plugin-actively-exploited/
URL https://plugins.trac.wordpress.org/changeset/1973204/kiwi-social-share/trunk/includes/lib/helpers/class-kiwi-social-share-helper.php?old=1922991&old_path=kiwi-social-share%2Ftrunk%2Fincludes%2Flib%2Fhelpers%2Fclass-kiwi-social-share-helper.php

Classification

Type BYPASS

Miscellaneous

Submitter Ryan Dewhurst
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 5116
Verified No
WPVDB ID 9161

Timeline

Publicly Published 2018-11-12 (11 months ago)
Added 2018-12-07 (11 months ago)
Last Updated 2018-12-07 (11 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin