Description
WordPress Plugin Revive Old Post-Auto Post to Social Media is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently update "default_role" and "users_can_register" options which may lead to the creation of a new account with administrative privileges. WordPress Plugin Revive Old Post-Auto Post to Social Media version 6.9.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 6.9.4 or latest
References
Related Vulnerabilities
Apache HTTP Server Use After Free Vulnerability (CVE-2017-9789)
WordPress Plugin Easy Modal Multiple SQL Injection Vulnerabilities (2.0.17)
WordPress Plugin Catch Infinite Scroll Security Bypass (1.8.1)
WordPress 3.8.1 Multiple Vulnerabilities (3.8 - 3.8.1)
WordPress Plugin Widget Shortcode Cross-Site Scripting (0.3.5)