Description
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through php_admin_value or php_admin_flag in httpd.conf by using ini_set to modify arbitrary configuration variables, a different issue than CVE-2006-4625.
Remediation
References
Related Vulnerabilities
WordPress Plugin ShiftNav-Responsive Mobile Menu Cross-Site Scripting (1.5.2)
WordPress Improper Input Validation Vulnerability (CVE-2020-35539)
WordPress Plugin PayPal Digital Downloads Cross-Site Request Forgery (1.4)
WordPress Plugin Copy or Move Comments Multiple Vulnerabilities (1.0.0)
WordPress Plugin Happy Addons for Elementor Pro Cross-Site Scripting (1.16.0)