Description
WordPress Plugin Thrive Ovation is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Ovation version 2.4.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.4.5 or latest
References
Related Vulnerabilities
SharePoint CVE-2022-41038 Vulnerability (CVE-2022-41038)
ATutor Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-2539)
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads Security Bypass (2.2.5)
WordPress Plugin YouSayToo auto-publishing 'submit' Parameter Cross-Site Scripting (1.0.1)