Advanced Access Manager <= 3.2.1 – Privilege Escalation

Affects Plugins

advanced-access-manager

Fixed in 3.2.2

References

URL

https://www.pritect.net/blog/advanced-access-manager-3-2-1-security-vulnerability

Classification

Type

AUTHBYPASS

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-287

Miscellaneous

Submitter

James Golovich

Submitter website

http://pritect.net

Submitter twitter

Pritect

Verified

No

WPVDB ID

c93dea0f-27a4-474e-9ee4-38fdb4fbc588

Timeline

Publicly Published

2016-06-21 (about 9 years ago)

Added

2016-06-21 (about 9 years ago)

Last Updated

2019-11-01 (about 6 years ago)

Other

Published

Title

Published

2015-08-28

Title

Job Manager <= 0.7.25 - Insecure Direct Object Reference (IDOR)

Published

2026-01-29

Title

Booked <= 3.0.0 - Authentication Bypass

Published

2025-12-15

Title

WPCOM Member < 1.7.17 - Authentication Bypass via Weak OTP

Published

2018-03-13

Title

UserPro <= 4.9.20 - User Registration With Administrator Role

Published

2018-03-03

Title

Super Socializer < 7.11 - Authentication Bypass