Insufficient Restrictions on Option Changes in stops-core-theme-and-plugin-updates Plugin for WordPress

Insufficient Restrictions on Option Changes in stops-core-theme-and-plugin-updates Plugin for WordPress

CVE-2019-15650 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPress has insufficient restrictions on option changes (such as disabling unattended theme updates) because of a nonce check error.

Learn more about our Wordpress Pen Testing.