Description
WordPress Plugin Ultimeter is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently perform a variety of the plugin's actions or even take over a website. WordPress Plugin Ultimeter version 1.9.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.9.3 or latest
References
Related Vulnerabilities
WordPress Plugin WP Google Maps Cross-Site Scripting (7.11.34)
MySQL CVE-2017-3640 Vulnerability (CVE-2017-3640)
PHP Resource Management Errors Vulnerability (CVE-2014-3538)
Moodle Improper Input Validation Vulnerability (CVE-2012-0801)
WordPress Plugin WP GPX Maps 'wp-gpx-maps_admin_tracks.php' Arbitrary File Upload (1.1.22)