Description
WordPress Plugin Thrive Headline Optimizer is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Headline Optimizer version 1.3.7.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.3.7.3 or latest
References
Related Vulnerabilities
WordPress Plugin Official MailerLite Sign Up Forms SQL Injection (1.4.3)
Jenkins Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-1999043)
Sqlite Use After Free Vulnerability (CVE-2020-13871)
WordPress Plugin Listing, Classified Ads & Business Directory-uListing SQL Injection (2.0.3)