CVE-2024-11443 de:branding <= 1.0.2 - Authenticated (Subscriber+) Arbitrary Options Update
The de:branding plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the debrandingsave function in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with...