Description The plugin is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple AJAX functions, allowing unauthenticated attackers to save draft posts and download arbitrary JSON files from the server.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.0.30 |