Description
WordPress Plugin MemberSonic Lite is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently login to any account simply by knowing the email address associated with the account. WordPress Plugin MemberSonic Lite version 1.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.302 or latest
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.51)
Oracle JRE CVE-2021-2341 Vulnerability (CVE-2021-2341)
WordPress Plugin Share This Image Unspecified Vulnerability (1.19)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-20187)
GlassFish Improper Input Validation Vulnerability (CVE-2011-5035)