Description
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH WooCommerce Wishlist SQL Injection (2.1.2)
WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (2.6.7)
WordPress Plugin OdiHost Newsletter 'openstat.php' SQL Injection (1.0)
WordPress Plugin Site Kit by Google Security Bypass (1.7.1)
WordPress Plugin Catch Themes Demo Import Arbitrary File Upload (1.7)