Log out
Get PRO

Latest

Access violation vulnerability in WP VR – 360 Panorama and Virtual Tour Builder For WordPress 8.3.14

  • Severity: medium-risk
  • Status: Fixed
  • Publication: December 14, 2023

The WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin has a security issue that allows unauthorized access. This is because the plugin does not check for proper permissions when using the trigger_rollback() function. This vulnerability exists in all versions up to 8.3.14, which means that attackers without proper authentication can lower the plugin’s version. This can be used to exploit previous vulnerabilities.

Detected in:

WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress fixed vulnerable versions:
WP VR – 360 Panorama and Virtual Tour Builder For WordPress fixed vulnerable versions: >= * <= 8.3.14

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.