Description
WordPress Plugin WatchTowerHQ is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently download/delete arbitrary files. WordPress Plugin WatchTowerHQ version 3.6.15 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.6.16 or latest
References
Related Vulnerabilities
WordPress Plugin Twitter Feed:Embedded Timeline 'url' Parameter Cross-Site Scripting (0.3.1)
WordPress Plugin WP Symposium Toolbar Unspecified Vulnerability (0.26.0)
MySQL CVE-2013-1532 Vulnerability (CVE-2013-1532)
Atlassian Confluence CVE-2024-21683 Vulnerability (CVE-2024-21683)
Zope Web Application Server Other Vulnerability (CVE-2000-1212)