WordPress Ave Core plugin <= 2.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Ave Core versions = 2.9.1...