WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Crew HRM versions = 1.2.2...