Broken Access Control vulnerability leading to unauth. changing of Opt-In or Opt-Out tracking settings discovered by Nguyen Anh Tien (Patchstack Alliance) in the WordPress LoginPress plugin (versions <= 1.6.2).
Update the WordPress LoginPress plugin to the latest available version (at least 1.6.3).