Multiple Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated users, such as Subscriber to change the Essential Widgets WordPress plugin prior to 1.9, To Top WordPress plugin prior to 2.3, Header Enhancement WordPress plugin prior to 1.5, Generate Child Theme WordPress plugin prior to 1.6, Essential Content Types WordPress plugin prior to 1.9, Catch Web Tools WordPress plugin prior to 2.7, Catch Under Construction WordPress plugin prior to 1.4, Catch Themes Demo Import WordPress plugin prior to 1.6, Catch Sticky Menu WordPress plugin prior to 1.7, Catch Scroll Progress Bar WordPress plugin prior to 1.6, Social Gallery and Widget WordPress plugin prior to 2.3, Catch Infinite Scroll WordPress plugin prior to 1.9, Catch Import Export WordPress plugin prior to 1.9, Catch Gallery WordPress plugin prior to 1.7, Catch Duplicate Switcher WordPress plugin prior to 1.6, Catch Breadcrumb WordPress plugin prior to 1.7, Catch IDs WordPress plugin prior to 2.4's configurations.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
catchplugins catch scroll progress bar |
||
catchplugins catch sticky menu |
||
catchplugins catch themes demo import |
||
catchplugins catch under construction |
||
catchplugins catch web tools |
||
catchplugins essential content types |
||
catchplugins generate child theme |
||
catchplugins header enhancement |
||
catchplugins to top |
||
catchplugins essential widgets |
Vulmon