Arbitrary Plugin Deactivation Vulnerability in Gallery Images Ape WordPress Plugin (up to version 2.0.6)

Arbitrary Plugin Deactivation Vulnerability in Gallery Images Ape WordPress Plugin (up to version 2.0.6)

CVE-2019-25149 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in versions up to, and including, 2.0.6. This allows authenticated attackers with any capability level to deactivate any plugin on the site, including plugins necessary to site functionality or security.

Learn more about our Wordpress Pen Testing.