Yuzo Related Posts < 5.12.94 - Unauthenticated Call Any Action or Update Any Option

Affects Plugin

fixed in version 5.12.94
- plugin closed

References

CVE 2019-11869
URL https://stackoverflow.com/questions/55610548/possible-vulnerability-in-closed-plugin-yuzo-related-posts
URL https://www.wordfence.com/blog/2019/04/yuzo-related-posts-zero-day-vulnerability-exploited-in-the-wild/
URL https://blog.sucuri.net/2019/04/attacks-on-closed-wordpress-plugins.html

Classification

Type BYPASS

Miscellaneous

Submitter Daniel van Dorp
Submitter Website https://vandorp.biz
Submitter Twitter djvdorp
Views 13855
Verified No
WPVDB ID 9254

Timeline

Publicly Published 2019-04-10 (about 1 year ago)
Added 2019-04-10 (about 1 year ago)
Last Updated 2019-12-24 (6 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin