Documentation: Home / Vulnerabilities / Access violation vulnerability in WP VR – 360 Panorama and Virtual Tour Builder For WordPress 8.3.14

Latest

Access violation vulnerability in WP VR – 360 Panorama and Virtual Tour Builder For WordPress 8.3.14

CVE-2023-6529

Severity: medium-risk
Status: Fixed
Publication: December 14, 2023

The WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin has a security issue that allows unauthorized access. This is because the plugin does not check for proper permissions when using the trigger_rollback() function. This vulnerability exists in all versions up to 8.3.14, which means that attackers without proper authentication can lower the plugin’s version. This can be used to exploit previous vulnerabilities.

Detected in:

WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress fixed vulnerable versions:

WP VR – 360 Panorama and Virtual Tour Builder For WordPress fixed vulnerable versions: >= * <= 8.3.14

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Protecting site visitors with Security Headers

Hardening your website’s security

Login protection as essential security

Why WordPress is (in)secure

Staying ahead of vulnerabilities

Password has been found in a data breach

Access violation vulnerability in WP VR – 360 Panorama and Virtual Tour Builder For WordPress 8.3.14

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles