CVE-2019-15771
Summary: CVE-2019-15771 affects the WordPress plugin “nd-shortcodes” prior to version 6.0. A nopriv_ AJAX action in the plugin allows modification of the siteurl setting. Impact (as stated): This could enable an unauthenticated/privilege-abuse scenario by changing WordPress site URL related confi...