The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.
CPE | Name | Operator | Version |
---|---|---|---|
color_picker | le | 1.1 |