WP Import Export Lite < 3.9.5 - Subscriber+ Arbitrary Blog Options Update. Lack of CSRF and authorisation checks in wpie_ext_save_extension_data AJAX action allows any user to update blog options, leading to potential blog and plugin usability issues
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo