WordPress WP Timetics plugin <= 1.0.25 - Insecure Direct Object Reference to Unauthenticated Arbitrary User Password/Email Reset/Account Takeover vulnerability

Insecure Direct Object Reference to Unauthenticated Arbitrary User Password/Email Reset/Account Takeover vulnerability discovered by wesley wcraft in WordPress Plugin Timetics versions = 1.0.25...