Description
WordPress Plugin Ultimeter is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently perform a variety of the plugin's actions or even take over a website. WordPress Plugin Ultimeter version 1.9.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.9.3 or latest
References
Related Vulnerabilities
Oracle Database Server CVE-2011-0785 Vulnerability (CVE-2011-0785)
WordPress Plugin Manage Calameo Publications by Athlon Cross-Site Scripting (1.1.0)
MySQL CVE-2020-14867 Vulnerability (CVE-2020-14867)
Drupal Core 9.0.x Directory Traversal (9.0.0 - 9.0.14)
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13402)