Description
WordPress Plugin Thrive Architect is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Architect version 2.6.7.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.6.7.4 or latest
References
Related Vulnerabilities
WordPress Plugin Relevanssi Premium-A Better Search Cross-Site Scripting (1.14.8)
WordPress Plugin Gantry 5 Framework Cross-Site Scripting (5.4.8)
Piwigo Improper Access Control Vulnerability (CVE-2016-10084)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-6106)
WordPress Plugin Visitors Online by BestWebSoft Cross-Site Scripting (0.9)