Description
WordPress Plugin CF7 Manual Spam Blocker is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin CF7 Manual Spam Blocker version 1.0 is vulnerable.
Remediation
Update to plugin version 1.1.0 or latest
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5265)
WordPress Plugin Plugin:Newsletter 'data' Parameter Information Disclosure (1.5)
WordPress Plugin Portfolio Gallery-Image Gallery Cross-Site Request Forgery (1.1.2)
WordPress Plugin Newsletter-Send awesome emails from WordPress SQL Injection (3.0.8)