Description

WordPress Plugin WP Print Friendly is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently access both private and password protected posts through the print page. WordPress Plugin WP Print Friendly version 0.5.2 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 0.5.3 or latest

References

http://secunia.com/advisories/53371/

http://www.securityfocus.com/bid/59822/

Related Vulnerabilities

WordPress Plugin GEO Redirector Cross-Site Scripting (1.0.1)

WordPress Plugin Email newsletter Cross-Site Scripting (20.13.6)

WordPress Plugin lasTunes Cross-Site Scripting (3.6.1)

WordPress Plugin WP Login Security and History Cross-Site Request Forgery (1.0)

WordPress Plugin WP Google Maps Cross-Site Scripting (8.1.11)

Severity

High

Classification

CWE-264 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Authentication Bypass