WordPress Plugin Vulnerabilities

MainWP Child <= 2.0.9.1 - Authentication Bypass

Description

The MainWP Child – Securely connects sites to the MainWP WordPress Manager Dashboard WordPress plugin was affected by an Authentication Bypass security vulnerability.

Affects Plugins

Plugin icon
mainwp-child
Fixed in 2.0.9.2

References

URL
https://blog.sucuri.net/2015/03/security-advisory-mainwp-child-wordpress-plugin.html

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
6d3888c5-3716-44b8-b051-640bea855129

Timeline

Publicly Published
2015-03-09 (about 9 years ago)
Added
2015-03-10 (about 9 years ago)
Last Updated
2019-10-21 (about 4 years ago)

Other

Published
Title
Published
2015-03-04
Title
Ya'aburnee 1.0.7 - Privilage Escalation
Published
2019-03-17
Title
Easy WP SMTP <= 1.3.9 - Unauthenticated Arbitrary wp_options Import
Published
2020-09-17
Title
Discount Rules for WooCommerce < 2.2.1 - Multiple Authorization Bypass
Published
2023-04-11
Title
Web Stories < 1.32 - Author+ Auth Bypass
Published
2019-07-05
Title
WP Like Button < 1.6.4 - Auth Bypass