Description
WordPress Plugin Shortcoder-Create Shortcodes for Anything is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently call an AJAX action. WordPress Plugin Shortcoder-Create Shortcodes for Anything version 6.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 6.3.1 or latest
References
Related Vulnerabilities
Lighttpd Other Vulnerability (CVE-2007-3947)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2156)
WordPress Plugin Ultimate Maps by Supsystic Cross-Site Scripting (1.2.4)
MySQL CVE-2020-2804 Vulnerability (CVE-2020-2804)
Atlassian Jira CVE-2020-29451 Vulnerability (CVE-2020-29451)