Description
WordPress Plugin WatchTowerHQ is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin WatchTowerHQ version 3.6.16 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.6.17 or latest
References
Related Vulnerabilities
WordPress Plugin Event Organiser Cross-Site Scripting (2.12.4)
Oracle Database Server CVE-2019-2909 Vulnerability (CVE-2019-2909)
Opencart Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3763)
WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.2)
WordPress Plugin Donation Block For PayPal Cross-Site Scripting (2.0.0)