2023-07-10 12:41:17
WPScan
PUBLISHED
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both.