2019-08-22 13:40:52
mitre
PUBLISHED
The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX.