Description The plugin does not check capabilities when processing AJAX actions, allowing unauthenticated attackers to perform actions intended for higher privileged users. This vulnerability is the same as CVE-2023-5533 but was reintroduced in version 4.9.2.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 4.9.3 |