Broken Authentication vulnerability via Nonce Token Leakage Leading to Plugin Settings Change discovered by Dave Jong (Patchstack) in the WordPress SearchWP premium plugin (versions <= 4.2.5).
Update the WordPress SearchWP plugin to the latest available version (at least 4.2.6).