The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.0. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.

Deep Instinct Blog

Deep Instinct's Deep Learning Blog keeps professionals up to date on news and trends in the sophisticated deep learning, AI and cybersecurity industries. As our experts uncover critical finders, we find it only necessary to keep you informed. From perspective on recent threats to best practices in security we cover it.