Description
WordPress Plugin WP Data Access is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently make unauthorized AJAX calls and access the debug logs. WordPress Plugin WP Data Access version 5.1.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.1.4 or latest
References
Related Vulnerabilities
Oracle JRE CVE-2024-20918 Vulnerability (CVE-2024-20918)
Joomla CVE-2019-12764 Vulnerability (CVE-2019-12764)
PHP NULL Pointer Dereference Vulnerability (CVE-2016-7131)
WordPress Plugin Enhanced Plugin Admin Cross-Site Scripting (1.15)
MediaWiki Use of Hard-coded Credentials Vulnerability (CVE-2012-4381)