Description The plugin is vulnerable to unauthorized modification of data due to a missing capability check and a misconfigured nonce check on the _update_shortcode function, allowing authenticated attackers, with subscriber access and above, to update the pluginβs shortcodes.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.8.1 |