Description
WordPress Plugin BAVOKO SEO Tools-All-in-One WordPress SEO is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently perform a variety of the plugin's actions or even take over a website. WordPress Plugin BAVOKO SEO Tools-All-in-One WordPress SEO version 2.1.9.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.1.9.8 or latest
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5014)
WordPress Plugin Video.js-HTML5 Video Player for Wordpress Cross-Site Scripting (3.2.3)
WordPress Plugin Memphis Documents Library Arbitrary File Download (3.1.5)
ReviveAdserver Session Fixation Vulnerability (CVE-2017-5831)