Insufficient Privilege Validation in SiteGround Optimizer & Caldera Forms Pro

Insufficient Privilege Validation in SiteGround Optimizer & Caldera Forms Pro

While investigating the SiteGround Optimizer and Caldera Forms Pro plugins we have discovered a critical privilege escalation vulnerability.

It was not being abused externally and impacts over 500,000 sites. It’s urgency is defined by the associated DREAD score that looks at damage, reproducibility, exploitability, affected users, and discoverability.

A key contributor to the criticality of these vulnerabilities is that it’s exploitable by any user (it’s not restricted to privileged users – e.g., admins) and is easy to exploit remotely.

Continue reading Insufficient Privilege Validation in SiteGround Optimizer & Caldera Forms Pro at Sucuri Blog.

Via Sucuri.net

Tags: , , ,

No comments yet.

Leave a Reply