Description The Participants Database plugin for WordPress is vulnerable to unauthorized manipulation of data due to a missing capability check on several functions hooked via admin-post in all versions up to, and including, 2.5.5. This makes it possible for unauthenticated attackers to add and modify record fields.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 2.5.6 |