Vigil@nce - WordPress SEO Plugin LiveOptim: privilege escalation
January 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use WordPress SEO Plugin LiveOptim, in order to
escalate his privileges.
Impacted products: WordPress Plugins
Severity: 2/4
Creation date: 14/01/2015
DESCRIPTION OF THE VULNERABILITY
The SEO Plugin LiveOptim plugin can be installed on WordPress.
However, an attacker can hijack the identity of the administrator.
Technical details are unknown.
An attacker can therefore use WordPress SEO Plugin LiveOptim, in
order to escalate his privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/WordPress-SEO-Plugin-LiveOptim-privilege-escalation-15965