Description
WordPress Plugin PWA for WP & AMP is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change plugin�s settings, or even upload arbitrary files. WordPress Plugin PWA for WP & AMP version 1.7.32 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.7.33 or latest
References
Related Vulnerabilities
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2014-3581)
MySQL Uncontrolled Resource Consumption Vulnerability (CVE-2025-50094)
WordPress Plugin WordPress Download Manager Multiple Vulnerabilities (2.9.49)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30537)