Description
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1169)
WordPress Plugin Cardinity Payment Gateway for WooCommerce Cross-Site Scripting (3.0.6)
WordPress 3.3.1 Multiple Vulnerabilities (2.0 - 3.3.1)
WordPress Plugin Bliss Gallery Arbitrary File Upload (2.3)
WordPress Plugin Giveaway Boost PHP Object Injection (2.1.2)