Description
Joomla! 1.6.x/1.7.x/2.5.0-2.5.2 suffers from a privilege escalation vulnerability that allows users to be registered into any group not having 'core.admin' privileges.
Remediation
Joomla! versions 1.0.x, 1.5.x, and 2.5.3+ are not vulnerable. No patch has been issued for 1.6.x or 1.7.x and users of these versions are strongly urged to upgrade to 2.5.3 immediately.
References
Related Vulnerabilities
WordPress Plugin WP Membership Multiple Vulnerabilities (1.2.3)
WordPress Plugin Abandoned Cart Lite for WooCommerce SQL Injection (1.8)
WordPress Plugin leads5050-visitor-insights Security Bypass (1.0.5)
WordPress Plugin Viral Quiz Maker-OnionBuzz SQL Injection (1.2.1)
WordPress Plugin Easy Modal Multiple SQL Injection Vulnerabilities (2.0.17)