Description
WordPress Plugin Thrive Ultimatum is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Ultimatum version 2.3.9.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.9.4 or latest
References
Related Vulnerabilities
WordPress Plugin WP Coder-add custom html, css and js code Cross-Site Request Forgery (2.5.1)
WordPress Plugin Content Blocks (Custom Post Widget) Cross-Site Scripting (3.0)
WordPress Plugin verwei.se-WordPress-Twitter Cross-Site Scripting (1.0.2)
MySQL CVE-2016-0665 Vulnerability (CVE-2016-0665)
WordPress Plugin Broken Link Manager Multiple Vulnerabilities (0.4.5)