WordPress WPC Admin Columns plugin 2.0.6-2.1.0 - Authenticated (Subscriber+) Privilege Escalation via User Meta Update vulnerability

Authenticated Subscriber+ Privilege Escalation via User Meta Update vulnerability discovered by kr0d in WordPress Plugin WPC Admin Columns versions 2.0.6-2.1.0...

CVE-2020-22427

NagiosXI 5.6.11 is affected by a remote code execution RCE vulnerability. An authenticated nagiosadmin user can inject additional commands into a request. NOTE: the vendor disputes whether the CVE and its references are actionable because all technical details are omitted, and the only option is ...