Description
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify arbitrary options. WordPress Plugin InstaWP Connect-1-click WP Staging & Migration version 0.1.0.8 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 0.1.0.9 or latest
References
https://github.com/RandomRobbieBF/CVE-2024-22145
https://plugins.svn.wordpress.org/instawp-connect/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin JiangQie Official Website Mini Program SQL Injection (1.1.0)
WordPress Plugin WPFront User Role Editor Unspecified Vulnerability (2.14.1)
PrestaShop CVE-2018-13784 Vulnerability (CVE-2018-13784)
WordPress 3.7.1 Multiple Vulnerabilities (3.7 - 3.7.1)
Atlassian Jira Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2020-36231)