Description
Joomla! 1.6.x/1.7.x/2.5.0-2.5.2 suffers from a privilege escalation vulnerability that allows users to be registered into any group not having 'core.admin' privileges.
Remediation
Joomla! versions 1.0.x, 1.5.x, and 2.5.3+ are not vulnerable. No patch has been issued for 1.6.x or 1.7.x and users of these versions are strongly urged to upgrade to 2.5.3 immediately.
References
Related Vulnerabilities
WordPress Plugin Gutenberg & Elementor Templates Importer For Responsive Security Bypass (2.2.5)
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)
WordPress Plugin FV Flowplayer Video Player SQL Injection (7.3.18.727)
Apache Tomcat version older than 5.5.26
WordPress Plugin Plugmatter Optin Feature Box Multiple SQL Injection Vulnerabilities (2.0.13)