Health Check & Troubleshooting <= 1.2.3 - Authenticated Lack of Authorisation

Affects Plugin

fixed in version 1.2.4

References

URL https://www.synacktiv.com/ressources/advisories/WordPress_Health_Check_1.2.3_Vulnerabilities.pdf
URL https://plugins.trac.wordpress.org/changeset/2011772/health-check

Classification

Type PRIVESC
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-269

Miscellaneous

Original Researcher Julien Legras
Submitter Julien Legras
Submitter Website https://www.synacktiv.com/
Views 8240
Verified No
WPVDB ID 9210

Timeline

Publicly Published 2019-01-25 (11 months ago)
Added 2019-01-28 (11 months ago)
Last Updated 2019-11-01 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin