CVE-2024-13716
The CVE relates to the WordPress Forex Calculators plugin. Multiple sources confirm a missing capability check in the ajax_settings_callback() path, enabling authenticated attackers with Subscriber-level access and above to modify plugin settings. Affected versions are up to 1.3.5 (per CVE detail...