2024-06-08 05:44:28
Wordfence
PUBLISHED
The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the value fo the License Key field for the Activate Pro License setting.