Description
MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
Remediation
References
Related Vulnerabilities
WordPress Plugin Contact Form Unspecified Vulnerability (1.1.9)
CKEditor Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-31541)
WordPress Plugin WP REST API (WP API) Information Disclosure (1.2)
WordPress Plugin Event post Local File Inclusion (5.9.5)
WordPress Plugin Startklar Elementor Addons Arbitrary File Deletion (1.7.13)