Description
WordPress Plugin AppPresser-Mobile App Framework is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently log in as any existing user on the site, such as an administrator, if they previously used the login via the plugin API. WordPress Plugin AppPresser-Mobile App Framework version 4.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.4.0 or latest
References
Related Vulnerabilities
WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.1.02)
WebLogic CVE-2020-2549 Vulnerability (CVE-2020-2549)
Oracle Database Server CVE-2010-3590 Vulnerability (CVE-2010-3590)
WordPress 3.0.4 Multiple Vulnerabilities (0.6.2 - 3.0.4)
WordPress Plugin WP Google Maps Cross-Site Scripting (7.10.41)