Description
WordPress Plugin Thrive Ultimatum is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add arbitrary data to a predefined option in the wp_options table. WordPress Plugin Thrive Ultimatum version 2.3.9.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.3.9.4 or latest
References
Related Vulnerabilities
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.3)
Ruby Other Vulnerability (CVE-2016-2337)
Apache HTTP Server Other Vulnerability (CVE-2010-1452)
WordPress Plugin Duplicator-WordPress Migration Cross-Site Scripting (1.2.28)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1999006)