Description The WP Setup Wizard plugin for WordPress is vulnerable to unauthorized access of datadue to a missing capability check in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to download the entire database.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.0.8.2 |