Description
WordPress Plugin 10Web Social Feed for Instagram is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify plugin settings. WordPress Plugin 10Web Social Feed for Instagram version 1.3.18 is vulnerable; prior versions may also be affected.
Remediation
Disable the plugin until a fix is available
References
Related Vulnerabilities
Drupal Core 8.x.x Denial of Service (8.0.0 - 8.6.18)
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18573)
PHP Uncontrolled Resource Consumption Vulnerability (CVE-2023-0662)
WordPress Plugin Subscriptions & Memberships for PayPal Unspecified Vulnerability (1.1.5)