WordPress Plugin Vulnerabilities

Product Catalog <= 3.8.1 - Privilege Escalation

Description

The ultimate-product-catalog WordPress plugin was affected by a Privilege Escalation security vulnerability.

Affects Plugins

Plugin icon
ultimate-product-catalog
Fixed in 3.8.2

References

URL
https://packetstormsecurity.com/files/#137534/

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
0fd0c1a8-9b2b-439e-9d44-cf705669540e

Timeline

Publicly Published
2016-06-17 (about 9 years ago)
Added
2016-06-20 (about 9 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2026-01-12
Title
User Profile Builder < 3.15.2 - Unauthenticated Arbitrary Password Reset
Published
2022-07-06
Title
Simple Membership < 4.1.3 - Membership Privilege Escalation
Published
2025-02-28
Title
Exertio Framework < 1.3.2 - Unauthenticated Arbitrary User Password Update
Published
2017-11-12
Title
WP Support Plus Responsive Ticket System < 8.0.8 - Remote Code Execution
Published
2025-08-19
Title
Simple Business Directory Pro < 15.6.9 - Unauthenticated Privilege Escalation