Description The plugin is vulnerable to unauthorized access to data and loss of data due to a missing capability check on multiple AJAX functions, allowing authenticated attackers, with subscriber access and above, to view reports and purge database transients.