WordPress PublishPress Authors plugin <= 4.7.1 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary User Email Update and Account Takeover vulnerability
Insecure Direct Object Reference to Authenticated Author+ Arbitrary User Email Update and Account Takeover vulnerability discovered by wesley wcraft in WordPress Plugin PublishPress Authors versions = 4.7.1...