Description The Animator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sta_update_options() function in versions up to, and including, 3.0.10. This makes it possible for subscribers to modify the pluginβs settings. Version 3.0.9 used to provide a nopriv action hook, which allowed unauthenticated individuals to perform this task.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 3.0.11 |