‘WordPress ActiveDEMAND plugin’ (versions <= 0.2.27) Broken Authentication Vulnerability

Details

Authentication vulnerability discovered in the WordPress ActiveDEMAND plugin (version <= 0.2.27) that leads to update/create/delete of unauthenticated posts.

solution

No patched version is available.

Sources.

CVE-2022-36296

脆弱性情報を受け取る