• WordPress Plugin WordPress Social Stream is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently overwrite admin options. WordPress Plugin WordPress Social Stream version 1.5.15 is vulnerable; prior versions may also be affected.

• Update to plugin version 1.5.16 or latest

• • https://www.exploit-db.com/exploits/39946/
  • https://packetstormsecurity.com/files/137480/WordPress-Social-Stream-1.5.15-wp_options-Overwrite.html
  • http://codecanyon.net/item/wordpress-social-stream/2201708?s_rank=15

• 

• CWE-264

• Missing Update Authentication Bypass

• WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.22)
• WordPress Plugin Democracy Poll Multiple Vulnerabilities (5.3.6)
• WordPress 'edit.php' Cross-Site Scripting Vulnerability (1.5 - 1.5)
• WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.9.60)
• WordPress 4.4.x Arbitrary File Deletion Vulnerability (4.4 - 4.4.15)