Description
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently bypass user enumeration and other protection mechanisms. WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan version 8.0 is vulnerable; prior versions may also be affected.
Remediation
Ensure that protection mechanisms are properly implemented or disable the plugin until a fix is available
References
https://www.exploit-db.com/exploits/46497
https://packetstormsecurity.com/files/151906/WordPress-Cerber-8.0-Bypass.html
Related Vulnerabilities
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2022-47927)
WordPress Plugin WP Symposium Arbitrary File Upload (14.11)
WordPress Plugin WooCommerce Catalog Enquiry Arbitrary File Upload (3.0.0)
WordPress Plugin WP Social Feed Gallery Unspecified Vulnerability (2.1.1)
WordPress Plugin Connections Business Directory CSV Injection (9.6)