Description
WordPress Plugin Stylish Price List is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently upload arbitrary images. WordPress Plugin Stylish Price List version 6.8.14 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 6.9.0 or latest
References
Related Vulnerabilities
Drupal Core 5.x Security Bypass (5.0 - 5.2)
WordPress Plugin Smart Layers by AddThis Unspecified Vulnerability (1.0.1)
WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.0.2)
Joomla! Core 3.0.x Clickjacking Vulnerability (3.0.0 - 3.0.1)
WordPress Plugin Contest Gallery-Photo Contest for WordPress Cross-Site Scripting (13.1.0.9)