CVE-2025-12170 Checkbox <= 2.8.10 - Missing Authorization to Unauthenticated Log Clearing

The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...