Description
WordPress Plugin TwitterCart is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently send tweets through this plugin. WordPress Plugin TwitterCart version 2.0 is vulnerable; prior versions may also be affected.
Remediation
Update the plugin to version 2.1 or the latest version.
References
https://www.pluginvulnerabilities.com/2017/10/09/tweet-sending-vulnerability-in-twittercart/
https://plugins.svn.wordpress.org/twittercart/trunk/readme.txt