Vulnerabilities

CVE-2024-1733

by Fred · 16/03/2024

The Word Replacer Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the word_replacer_ultra() function in all versions up to, and including, 1.0. This makes it possible for unauthenticated attackers to update arbitrary content on the affected WordPress site.

More information : https://plugins.trac.wordpress.org/browser/word-replacer-ultra/trunk/inc/word-replacer-ultra-ajax.php#L16

Similar

Tags: Cybersecurity Alert