Description The plugin is vulnerable to unauthorized admin notice dismissal due to a missing capability check on the dismiss_ajax_call function, making it possible for authenticated attackers, with subscriber-level access and above, to dismiss notices intended for admins.
CPE | Name | Operator | Version |
---|---|---|---|
eq | 2.9.2 |