WordPress Plugin Vulnerabilities

Stops Core Theme And Plugin Updates < 8.0.5 - Insufficient Restrictions on Option Changes

Description

The Easy Updates Manager WordPress plugin was affected by an Insufficient Restrictions on Option Changes security vulnerability.

Affects Plugins

Plugin icon
stops-core-theme-and-plugin-updates
Fixed in 8.0.5

References

CVE
CVE-2019-15650

Classification

Type
PRIVESC
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-269
CVSS
4.3 (medium)

Miscellaneous

Verified
No
WPVDB ID
9a9408da-9849-41aa-9af6-cb720ae971c0

Timeline

Publicly Published
2019-03-28 (about 7 years ago)
Added
2019-08-27 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2017-11-12
Title
WP Support Plus Responsive Ticket System < 8.0.8 - Remote Code Execution
Published
2025-08-18
Title
Real Spaces - WordPress Properties Directory Theme < 3.6.1 - Unauthenticated Privilege Escalation to Administrator via 'imic_agent_register'
Published
2025-08-19
Title
Simple Business Directory Pro < 15.6.9 - Unauthenticated Privilege Escalation
Published
2025-05-08
Title
IMITHEMES Listing < 3.4 - Unauthenticated Privilege Escalation via Unverified Password Reset
Published
2023-07-31
Title
Shop as a Customer for WooCommerce < 1.2.4 - Shop Manager+ Privilege Escalation