Description
WordPress Plugin Thrive Clever Widgets is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Clever Widgets version 1.56 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.56.1 or latest
References
Related Vulnerabilities
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2014-0117)
WordPress Plugin Catch Themes Demo Import Unspecified Vulnerability (1.8)
WordPress Plugin Google Analytics Top Content Widget Cross-Site Scripting (1.5.6)
WordPress Plugin Shopping Cart & eCommerce Store Unspecified Vulnerability (3.1.9)