Description
WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently gather information about users that can targeted in further attacks. WordPress Plugin WP Cerber Security, Anti-spam & Malware Scan version 9.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 9.1 or latest
References
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2939
https://plugins.svn.wordpress.org/wp-cerber/trunk/readme.txt
Related Vulnerabilities
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27492)
Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-9540)
WordPress Plugin Event List SQL Injection (0.7.8)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-35480)
WordPress Plugin Enable Media Replace Unspecified Vulnerability (2.9.5)