4.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.7%
The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPress has insufficient restrictions on option changes (such as disabling unattended theme updates) because of a nonce check error.
wordpress.org/plugins/stops-core-theme-and-plugin-updates/#developers
wpvulndb.com/vulnerabilities/9837