CVE-2016-10996
The CVE-2016-10996 vulnerability affects the WordPress OptinMonster plugin prior to version 1.1.4.6. The root cause is incorrect access control for shortcode execution caused by a nonce leak, allowing an attacker to exploit shortcode handling. Several sources confirm the issue and reference the s...