Description
WordPress Plugin Thrive Quiz Builder is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Quiz Builder version 2.3.9.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.9.4 or latest
References
Related Vulnerabilities
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2020-11027)
PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-10546)
WebLogic CVE-2023-22086 Vulnerability (CVE-2023-22086)
WordPress Plugin Easy Social Box/Page Cross-Site Scripting (4.1.2)