2025-11-27 02:26:13
Wordfence
PUBLISHED
The Reuters Direct plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the logoff action in all versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to reset the plugins settings.