Description
WordPress Plugin Advanced Access Manager is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently gain administrator privileges. WordPress Plugin Advanced Access Manager version 3.2.1 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.2.2 or latest
References
http://www.pritect.net/blog/advanced-access-manager-3-2-1-security-vulnerability
https://wordpress.org/plugins/advanced-access-manager/changelog/
Related Vulnerabilities
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-19499)
Oracle Database Server CVE-2014-6541 Vulnerability (CVE-2014-6541)
WordPress Plugin Redirection Cross-Site Request Forgery (1.1.4)
WordPress Plugin Spreadsheet Cross-Site Scripting (2.0)
WordPress Plugin Events Shortcodes For The Events Calendar Security Bypass (1.9.4)