Description
WordPress Plugin Spam Free WordPress is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently bypass IP blocklist. WordPress Plugin Spam Free WordPress version 1.9.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.9.3 or latest
References
Related Vulnerabilities
WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.3.7)
WordPress Plugin Order Export & Order Import for WooCommerce Information Disclosure (1.0.8)
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2)
TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3717)
NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071)