Login Or Logout Menu Item <= 1.1.1 - Unauthenticated Options Change

Affects Plugin

fixed in version 1.2.0

References

CVE 2019-15820
URL https://blog.nintechnet.com/unauthenticated-options-change-in-wordpress-login-or-logout-menu-item-plugin/

Classification

Type PRIVESC
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-269

Miscellaneous

Original Researcher Jerome Bruandet (nintechnet.com)
Views 3274
Verified No
WPVDB ID 9500

Timeline

Publicly Published 2019-08-07 (3 months ago)
Added 2019-08-07 (3 months ago)
Last Updated 2019-08-30 (3 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin