CVE-2011-5254 – Connections Business Directory < 0.7.1.6 - Authorization Bypass

https://notcve.org/view.php?id=CVE-2011-5254

Unspecified vulnerability in the Connections plugin before 0.7.1.6 for WordPress has unknown impact and attack vectors. Vulnerabilidad sin especificar en el plugin Connections anterior a v0.7.1.6 para WordPress tiene un impacto y vectores de ataque desconocidos. The Connections plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 0.7.1.5 due to insufficient authorization checks. • http://secunia.com/advisories/47390 http://wordpress.org/extend/plugins/connections/changelog http://www.osvdb.org/78063 http://www.securityfocus.com/bid/51204 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •