Description
In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions.
Remediation
References
Related Vulnerabilities
WordPress Plugin Livemesh SiteOrigin Widgets Security Bypass (2.5.1)
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225)
SharePoint Origin Validation Error Vulnerability (CVE-2019-1442)
WordPress 5.3.x Directory Traversal (5.3 - 5.3.17)
Omeka Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5100)