Description

WordPress Plugin WP Print Friendly is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently access both private and password protected posts through the print page. WordPress Plugin WP Print Friendly version 0.5.2 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 0.5.3 or latest

References

http://secunia.com/advisories/53371/

http://www.securityfocus.com/bid/59822/

Related Vulnerabilities

ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9456)

Apache Tomcat version older than 6.0.14

WordPress Plugin Wholesale Market for WooCommerce Arbitrary File Download (1.0.6)

Squid Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-41317)

WordPress Plugin Shariff for WordPress Cross-Site Scripting (1.0.7)

Severity

High

Classification

CWE-264 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Authentication Bypass