Rewterz Threat Alert – Hybrid Composer plugin for WordPress security bypass

Severity

Medium

Analysis Summary

Hybrid Composer plugin for WordPress could allow a remote attacker to bypass security restrictions, caused by improper access control in wp_ajax_nopriv_ actions. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions.

Impact

Bypass Security

Affected Vendor

WordPress

Remediation

There are no patches/ updates available as of yet.