Description
WordPress Plugin s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) is prone to a security bypass vulnerability. An attacker can exploit this issue to access arbitrary products without proper authorization. WordPress Plugin s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) versions 111105 and prior are all affected.
Remediation
Update to plugin version 111206 or latest
References
Related Vulnerabilities
Oracle JRE CVE-2013-2437 Vulnerability (CVE-2013-2437)
WordPress Plugin SS Downloads Multiple Cross-Site Scripting Vulnerabilities (1.4.4.1)
WordPress 3.9.x Same Origin Method Execution (SOME) Vulnerability (3.9 - 3.9.11)
WordPress Plugin Count per Day Multiple Cross-Site Scripting Vulnerabilities (3.5.4)
WordPress Plugin FireStorm Professional Real Estate 'id' Parameter SQL Injection (2.06.03)