Description The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized settings reset due to a missing capability check on the settings_reset function in versions up to, and including, 2.1.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to reset plugin settings.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 2.1.5 |