Description
WordPress Plugin 10Web Social Feed for Instagram is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify plugin settings. WordPress Plugin 10Web Social Feed for Instagram version 1.3.18 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.154)
WordPress Plugin Seed Social Cross-Site Scripting (2.0.3)
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351)
MongoDb Insertion of Sensitive Information into Log File Vulnerability (CVE-2026-9751)