Settings Change Vulnerability in Total Security Plugin for WordPress
CVE-2016-10899
5.3MEDIUM
Summary
The Total Security Plugin for WordPress, prior to version 3.4.1, has been identified to contain a settings change vulnerability. This flaw allows an attacker with access to the plugin settings to make unauthorized changes, potentially altering security configurations without proper permissions. Proper updates to the plugin are recommended to mitigate any risks associated with this security issue.
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved