cleantalk
Vulnerabilities and Security Researches

EDD Tab Manager, 7e57cd4f4859826de00a8e2b09ee24fb7f2d824b

CVE, Research URL

7e57cd4f4859826de00a8e2b09ee24fb7f2d824b

Home page URL

Security reports for EDD Tab Manager

Application

EDD Tab Manager

Published on
Feb 25, 2019
Research Description
EDD Tab Manager [edd-tab-manager] < 1.3.1 (closed) Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update The Freemius SDK for WordPress is vulnerable to authorization bypass due to a missing capability check on the _get_db_option and _set_db_option functions in versions up to, and including, 2.2.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to change site settings and potentially take over the site.
Affected versions
max 1.3.1.
Status
vulnerable
Previous vulnerability researches
Internal Linking for SEO traffic &amp; Ranking &#8211; Auto internal links (100% automatic) (bb4d8c6ce231464414d44706e8b51467551524ef) , Jun 16, 2026
Internal Linking for SEO traffic &amp; Ranking &#8211; Auto internal links (100% automatic) (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Internal Linking for SEO traffic &amp; Ranking &#8211; Auto internal links (100% automatic) (CVE-2023-33999) , Jun 13, 2026
Internal Linking for SEO traffic &amp; Ranking &#8211; Auto internal links (100% automatic) (CVE-2024-11009) , Nov 28, 2024
Internal Linking for SEO traffic &amp; Ranking &#8211; Auto internal links (100% automatic) (CVE-2022-4974) , Nov 16, 2024
New vulnerability
Happy Addons for Elementor (2bc1433c-6129-48f7-9d0a-84b5c680a6d1) , Jun 16, 2026
Happy Addons for Elementor (19b1bf37778359f6a7c661e53860cf8e5852f827) , Jun 16, 2026
My YouTube Channel (cdd87436e7677426044b066d0dc84ae47a39ad2b) , Jun 16, 2026
My YouTube Channel (ac490a9722e882661a9fa27c15b8e0b1f9d0f371) , Jun 16, 2026
My YouTube Channel (92fc65eb49e762e79cb87bdc7feb99561a92fd1a) , Jun 16, 2026