Broken Access Control vulnerability leading to Plugin Settings Change discovered by Lana Codes (Patchstack Alliance) in WordPress miniOrange’s Google Authenticator plugin (versions <= 5.6.1).
Update the WordPress miniOrange's Google Authenticator plugin to the latest available version (at least 5.6.2).