Mesmerize & Materialis Themes - Authenticated Options Update



Description
Discovered by NinTechNet, both the Mesmerize and Materialis WordPress themes were affected by an authenticated options update vulnerability. This could allow a lower privileged user to update site options, which they should not be permitted to.

Affects Themes

fixed in version 1.6.90
fixed in version 1.0.173

References

URL https://blog.nintechnet.com/wordpress-mesmerize-and-materialis-themes-fixed-an-authenticated-options-change-vulnerability/

Classification

Type UNKNOWN

Miscellaneous

Original Researcher NinTechNet
Views 35857
Verified No
WPVDB ID 9961

Timeline

Publicly Published 2019-12-02 (12 days ago)
Added 2019-12-02 (12 days ago)
Last Updated 2019-12-03 (11 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin