Description
WordPress Plugin wpCentral is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently escalate their privilege or alter/upload any file. WordPress Plugin wpCentral version 1.4.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.4.8 or latest
References
https://www.webarxsecurity.com/wpcentral-plugin-leads-to-multiple-vulnerabilities/
https://plugins.svn.wordpress.org/wp-central/trunk/readme.txt
Related Vulnerabilities
WordPress Other Vulnerability (CVE-2007-3240)
PHP Use After Free Vulnerability (CVE-2016-4473)
Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)
WordPress Plugin Advanced Popups Cross-Site Request Forgery (1.1.1)
WordPress Plugin WP-FB-AutoConnect Multiple Cross-Site Request Forgery Vulnerabilities (4.0.5)