Description
The WordPress plugin AMP for WP-Accelerated Mobile Pages is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently make administrative changes to a website (updating the plugin's settings, downloading, reading or uploading files, injecting posts, and so on). WordPress plugin AMP for WP-Accelerated Mobile Pages version 0.9.97.19 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.9.97.20 or later.
References
https://gist.github.com/sybrew/eb8533c5031bd749f0c6f55f114ab70f
https://www.webarxsecurity.com/amp-plugin-vulnerability/
https://www.wordfence.com/blog/2018/11/xss-injection-campaign-exploits-wordpress-amp-plugin/
https://ampforwp.com/explaining-the-this-plugin-was-closed-situation/
https://plugins.svn.wordpress.org/accelerated-mobile-pages/trunk/changelog.txt