Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update

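After reviewing more plugins and themes, I found 2 themes and more plugins in which the Freemius Library had not been updated, which allows low-privileged users to arbitrarily change the site configuration.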

After I looked into more plugins, I found the same vulnerability in other plugins, and they are available for download:

Turbo Widgets

Revolution for Elementor

Social Gallery Lite

Fast WordPress

WP Photo Effects

Affiliate Link Builder Plugin for Amazon Associates – Review Engine

Easy Code Snippets

WordPress Animation Plugin – Animated Everything

Funnelmentals

CO2ok: carbon offsetting for e-commerce

Woo Admin Product Notes

Master Blocks – Gutenberg Site Builder

Cryptocurrency Portfolio Tracker

Before and After Product Images for WooCommerce

Get feedback from visitors – WP Feedback Suite Plugin

Any Popup – Popup Forms, Optins & Ads

EDD Tab Manager

SheetPress – Manage WordPress Meta data with Google Sheets

KRSP Frontend File Uploader

GFireM Fields

Easy Digital Downloads – Courses

SnazzyAdmin WP Admin Theme

Price Bands for WooCommerce

FIT: Featured Image Toolkit

Giveaways for woocommerce

wGauge – Free Version

Nitek Carousel Slider Cool Transitions

Past Events Extension

Ant Admin Notices for Team

MailChimp Manager

The two themes are listed below:

Brand

Shuban

After I submitted this to WPScan and the WordPress team, they promptly updated the security vulnerability information.

More information about this vulnerability: https://wpscan.com/vulnerability/6ff37c2e-e21d-4abc-bafe-8ca6a2c1ed76