Description
WordPress Plugin Toolset Types-Custom Post Types, Custom Fields and Taxonomies is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin Toolset Types-Custom Post Types, Custom Fields and Taxonomies version 2.3.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.4 or latest
References
Related Vulnerabilities
WordPress Plugin Fast Secure Contact Form Remote Code Execution (4.0.44)
WordPress Plugin File Manager Unspecified Vulnerability (3.0)
Skipper Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-38580)
WordPress Plugin Relevanssi Premium-A Better Search Cross-Site Scripting (1.14.8)
WordPress Plugin Frontend File Manager Multiple Vulnerabilities (18.2)