Description
In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions.
Remediation
References
Related Vulnerabilities
WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.14.7)
WebLogic CVE-2020-5421 Vulnerability (CVE-2020-5421)
Joomla! Core 3.x.x Multiple Vulnerabilities (3.0.0 - 3.10.6)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-5487)