Description
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security.
Remediation
References
Related Vulnerabilities
WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1)
WordPress Plugin ElasticPress Cross-Site Request Forgery (3.5.3)
WordPress Plugin SFBrowser 'sfbrowser.php' Arbitrary File Upload (1.4.5)
WordPress Plugin Widgets for WooCommerce Products on Elementor Cross-Site Scripting (1.0.7)