Description
WordPress Plugin miniOrange Discord Integration is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently call some of the AJAX actions and disable the app for example. WordPress Plugin miniOrange Discord Integration version 2.1.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.6 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:A91D0501-C2A9-4C6C-B5DA-B3FC29442A4F
https://plugins.svn.wordpress.org/miniorange-discord-integration/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Better User Shortcodes Multiple Cross-Site Scripting Vulnerabilities (1.0)
WordPress Plugin YITH WooCommerce Multi Vendor Cross-Site Scripting (3.8.0)
WordPress Plugin Facebook for WordPress Cross-Site Request Forgery (3.0.3)
WordPress Plugin All-in-One Event Calendar Multiple Vulnerabilities (2.3.12)