Description
WordPress Plugin Thrive Architect is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Architect version 2.6.7.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.6.7.4 or latest
References
Related Vulnerabilities
WordPress Plugin Deny All Firewall Cross-Site Request Forgery (1.1.6)
WordPress Plugin 4k Icons for Visual Composer-Free Cross-Site Scripting (1.0)
Plone CMS CVE-2017-1000483 Vulnerability (CVE-2017-1000483)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2203)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15808)