Description
WordPress Plugin CMS Tree Page View is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently move pages. WordPress Plugin CMS Tree Page View version 1.3.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4 or latest
References
Related Vulnerabilities
PostgreSQL Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2022-2625)
WordPress Plugin Peter's Math Anti-Spam Audio CAPTCHA Security Bypass (0.1.6)
WordPress Plugin Store Locator Plus for WordPress SQL Injection (3.8.6)
Dolibarr Incorrect Authorization Vulnerability (CVE-2020-12669)
WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6)