Description
WordPress Plugin WordPress Social Stream is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently overwrite admin options. WordPress Plugin WordPress Social Stream version 1.5.15 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.5.16 or latest
References
https://www.exploit-db.com/exploits/39946/
http://codecanyon.net/item/wordpress-social-stream/2201708?s_rank=15
Related Vulnerabilities
Sqlite Use After Free Vulnerability (CVE-2021-20227)
MySQL CVE-2018-2779 Vulnerability (CVE-2018-2779)
WordPress Plugin W3 Total Cache Server-Side Request Forgery (0.9.7.3)
WordPress Plugin Livemesh Addons for Elementor Security Bypass (2.5.2)
Roundcube Improper Input Validation Vulnerability (CVE-2011-1492)