Description
WordPress Plugin Thrive Ovation is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Ovation version 2.4.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.4.5 or latest
References
Related Vulnerabilities
WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.5.4)
WordPress Plugin WordPress Filter Gallery Security Bypass (0.0.6)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-23503)
Resin Application Server Improper Input Validation Vulnerability (CVE-2012-2965)