Security feature bypass

2023-06-0702:15:00

PRIOn knowledge base

www.prio-n.com

wordpress

plugin

vulnerability

deactivation

site security

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.5%

JSON

The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in versions up to, and including, 2.0.6. This allows authenticated attackers with any capability level to deactivate any plugin on the site, including plugins necessary to site functionality or security.

CPENameOperatorVersion
gallery_images_apele2.0.6

CPE	Name	Operator	Version
	gallery_images_ape	le	2.0.6

References

blog.nintechnet.com/wordpress-ape-gallery-plugin-fixed-authenticated-arbitrary-plugin-deactivation-vulnerability/

www.wordfence.com/threat-intel/vulnerabilities/id/dfd6c2b8-b00c-49d1-930f-50397e742ac5?source=cve