Description
WordPress Plugin Dropshix is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently create spam pages. WordPress Plugin Dropshix version 4.0.13 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.0.14 or latest
References
Related Vulnerabilities
MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-43281)
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16185)
WordPress Plugin SP Project & Document Manager Arbitrary File Upload (4.21)
OpenSSL Resource Management Errors Vulnerability (CVE-2009-4355)