ConvertPlus <= 3.4.4 - Multiple Issues



Description
According to the changelog:

3.4.5 - Security: User with none role gets created on form submission by curl request for variants.
3.4.4 - Improved sanitization, escaping and other security improvements.

Affects Plugin

fixed in version 3.4.5

References

CVE 2019-15863
URL https://www.convertplug.com/plus/changelog/

Classification

Type MULTI

Miscellaneous

Views 3367
Verified No
WPVDB ID 9365

Timeline

Publicly Published 2019-06-07 (5 months ago)
Added 2019-06-20 (5 months ago)
Last Updated 2019-09-03 (2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin