Description The Preloader for Website plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the plwao_register_settings() function in versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to reset the plugin’s settings.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 1.3 |