Description
Kupu 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, and 4.2.0 through 4.2.7 allows remote authenticated users to edit Kupu settings.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2006-0291 Vulnerability (CVE-2006-0291)
WordPress Plugin SocialFit 'msg' Parameter Cross-Site Scripting (1.2.2)
WordPress Plugin Event Single Page Templates Addon For The Events Calendar Security Bypass (1.5)
MediaWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-35475)