Unauthenticated Privilege Escalation vulnerability that allows unauthenticated attackers to insert a malicious administrator discovered by Chloe Chamberland (Wordfence) in WordPress WPGateway premium plugin (versions <= 3.5)
Deactivate and delete. No fix is available.