Description
WordPress Plugin miniOrange Discord Integration is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently call some of the AJAX actions and disable the app for example. WordPress Plugin miniOrange Discord Integration version 2.1.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.6 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:A91D0501-C2A9-4C6C-B5DA-B3FC29442A4F
https://plugins.svn.wordpress.org/miniorange-discord-integration/trunk/readme.txt
Related Vulnerabilities
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6024)
PHP Other Vulnerability (CVE-2002-0081)
WordPress Plugin Advanced Ads-Ad Manager & AdSense Cross-Site Scripting (1.17.3)
IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-6129)