Campaign Monitor Forms < 2.5.6 - Subscriber+ Arbitrary Options Update

The Campaign Monitor Forms by Optin Cat WordPress plugin before 2.5.6 does not prevent users with low privileges (like subscribers) from overwriting any options on a site with the string "true", which could lead to a variety of outcomes, including DoS.

N/A

N/A

WordPress Plugin Campaign Monitor Forms by Optin Cat 访问控制错误漏洞

WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Plugin Campaign Monitor Forms by Optin Cat 2.5.6 版本之前存在访问控制错误漏洞，该漏洞源于使用字符串 true 可以覆盖网站上的任何选项，这可能会导致拒绝服务。

N/A

N/A