Really Simple Security logo

Log out
Get PRO

Latest

Access violation vulnerability in MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites 5.2

  • Severity: high-risk
  • Status: Fixed
  • Publication: December 12, 2024

The MainWP Child plugin for WordPress allows users to manage multiple sites through a dashboard. However, there is a security flaw in versions up to 5.2. This flaw allows unauthorized individuals to gain administrator access to sites that have not yet been connected to the MainWP Dashboard. It is important to note that this only affects sites with the MainWP Child plugin installed and not yet connected to the dashboard, and do not have the unique security ID feature enabled. If your site is already connected to the dashboard or has the security ID feature enabled, you do not need to upgrade. Please be aware that version 5.2.1 has a partial fix, but version 5.3 is the complete fix.

Detected in:

MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.