Description
WordPress Plugin Thrive Leads is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Leads version 2.3.9.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.9.4 or latest
References
Related Vulnerabilities
WebLogic Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-27568)
WordPress Configuration Vulnerability (CVE-2009-2335)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-0211)
WordPress Plugin WP Flash Player Multiple Cross-Site Scripting Vulnerabilities (1.3)