2024-11-09 02:32:03
Wordfence
PUBLISHED
The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ce21_single_sign_on_save_api_settings function in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to change plugin settings.