Description
The WordPress plugin AMP for WP - Accelerated Mobile Pages is prone to a security bypass vulnerability: the plugin's admin-side AJAX handlers accepted requests from any authenticated user without checking the caller's capability (see the references below). Exploiting this issue allows a low-privileged user such as a subscriber to perform otherwise restricted actions and subsequently make administrative changes to the site: update the plugin's settings, download, read or upload files, inject posts, and so on. Because some of those settings are rendered on public pages, the bypass was used to store attacker-controlled HTML/JavaScript. Version 0.9.97.19 is vulnerable; prior versions may also be affected.
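The bug class behind this advisory, shown as an added illustration rather than code taken from the AMP for WP plugin: a privileged settings-saving action registered on a wp_ajax_ hook with only a nonce check, next to the hardened form that also enforces a capability and sanitizes the stored value. The hook names, option name, nonce action and field names are assumptions chosen for the example.

```php
<?php
/**
 * Illustrative example, not code from the AMP for WP plugin.
 * Shows why "nonce verified" is not the same as "caller authorized"
 * on WordPress admin-ajax endpoints. All names below are assumptions.
 */

// --- Vulnerable pattern -----------------------------------------------
// wp_ajax_* hooks fire for EVERY logged-in user, regardless of role.
// check_ajax_referer() only proves the request originated from a page
// that printed the nonce (CSRF protection); it says nothing about whether
// the user is allowed to change settings. Any subscriber who can obtain
// the nonce (e.g. from the dashboard page source) reaches this handler.
add_action( 'wp_ajax_example_save_settings', 'example_save_settings_vulnerable' );
function example_save_settings_vulnerable() {
    check_ajax_referer( 'example_settings_nonce', 'nonce' ); // CSRF check only

    // Unauthorized, unsanitized write. If this option is later echoed on
    // public pages, a subscriber has just stored a persistent script.
    update_option( 'example_custom_html', wp_unslash( $_POST['custom_html'] ) );
    wp_send_json_success();
}

// --- Hardened pattern --------------------------------------------------
// Three independent checks: CSRF (nonce), authorization (capability),
// and input restriction (allowlisted markup). Register it only on
// wp_ajax_ (not wp_ajax_nopriv_) so anonymous users cannot reach it at all.
add_action( 'wp_ajax_example_save_settings_fixed', 'example_save_settings_fixed' );
function example_save_settings_fixed() {
    check_ajax_referer( 'example_settings_nonce', 'nonce' );

    // Authorization: refuse anyone who may not manage site options.
    // Check the capability, never the role name, so custom roles behave.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    $html = isset( $_POST['custom_html'] ) ? wp_unslash( $_POST['custom_html'] ) : '';

    // wp_kses_post() keeps the post-safe tag allowlist and strips <script>,
    // on* event handlers and javascript: URLs before the value is stored.
    update_option( 'example_custom_html', wp_kses_post( $html ) );
    wp_send_json_success();
}
```

When auditing a plugin for this class of issue, list every add_action( 'wp_ajax_…' ) and wp_ajax_nopriv_ registration and confirm each handler that writes options, files or posts calls current_user_can() with an appropriate capability before doing so; a nonce check on its own is not evidence of authorization.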
Remediation
Update to plugin version 0.9.97.20 or later. Updating closes the hole but does not undo changes made through it: on a site that ran a vulnerable version, review the plugin's settings (in particular any custom HTML, script or advertisement fields), recently created or modified posts, uploaded files, and user accounts created during the exposure window, and remove anything the site owner did not add.
References
https://gist.github.com/sybrew/eb8533c5031bd749f0c6f55f114ab70f
https://www.webarxsecurity.com/amp-plugin-vulnerability/
https://www.wordfence.com/blog/2018/11/xss-injection-campaign-exploits-wordpress-amp-plugin/
https://ampforwp.com/explaining-the-this-plugin-was-closed-situation/
https://plugins.svn.wordpress.org/accelerated-mobile-pages/trunk/changelog.txt