Description
WordPress Plugin wpCentral is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently escalate their privilege or alter/upload any file. WordPress Plugin wpCentral version 1.4.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.8 or latest
References
https://www.webarxsecurity.com/wpcentral-plugin-leads-to-multiple-vulnerabilities/
https://plugins.svn.wordpress.org/wp-central/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Sidekick Multiple Unspecified Vulnerabilities (2.2.1)
ZenCart Improper Input Validation Vulnerability (CVE-2009-4321)
WordPress Plugin LearnPress-WordPress LMS Security Bypass (4.1.4.1)
WordPress Plugin WP Customer Reviews Unspecified Vulnerability (3.0.7)
WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.4)