CVE-2021-4366
The CVE-2021-4366 entry concerns the WordPress PWA for WP & AMP plugin. Affected component: pwaforwp_update_features_options function. Root cause: missing capability check leads to an authorization bypass in versions up to and including 1.7.32, allowing authenticated attackers to alter restricted...