WordPress Plugin Vulnerabilities

Spambam <= 2.1 - Authorisation Bypass

Description

There is no fix for this, as it's a design flaw. Plugin has been closed by WordPress.

Affects Plugins

Plugin icon
spambam
No known fix

References

CVE
CVE-2008-4616
URL
https://www.securityfocus.com/archive/1/486333/100/200/threaded
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/39690

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287

Miscellaneous

Verified
No
WPVDB ID
cdef5254-3b23-40f7-b21c-e6627691c693

Timeline

Publicly Published
2008-01-15 (about 16 years ago)
Added
2019-08-21 (about 4 years ago)
Last Updated
2019-11-28 (about 4 years ago)

Other

Published
Title
Published
2014-08-01
Title
Easy Photo Album <= 1.1.5 - Album Information Disclosure
Published
2016-06-21
Title
Advanced Access Manager <= 3.2.1 - Privilege Escalation
Published
2022-02-22
Title
RW Divi Unite Gallery <= 1.0 - Security Bypass via Outdated Freemius
Published
2020-02-16
Title
ThemeGrill Demo Importer < 1.6.3 - Auth Bypass & Database Wipe
Published
2016-05-31
Title
Stream <= 3.0.5 - Unauthenticated Events Export