WordPress Plugin Absolute Privacy 'abpr_authenticateUser()' Security Bypass (2.0.5)

Description

WordPress Plugin Absolute Privacy is prone to a security bypass vulnerability. Attackers can exploit this vulnerability to bypass authentication mechanism and gain administrative access to an affected application, which may aid in further attacks. WordPress Plugin Absolute Privacy version 2.0.5 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.0.6 or latest

References
Severity
Classification
Tags
  • Missing Update