Description
WordPress Plugin Async JavaScript is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently modify plugin's settings. WordPress Plugin Async JavaScript version 2.19.07.14 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.20.02.27 or latest
References
Related Vulnerabilities
WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589)
OpenVPN AS Use After Free Vulnerability (CVE-2023-46850)
Piwigo Improper Access Control Vulnerability (CVE-2016-10105)
WordPress Plugin WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4298)