The Inactive Logout plugin for WordPress has a security vulnerability that could allow unauthenticated attackers to reset the plugin’s settings without authorization. This vulnerability affects versions up to and including 3.2.2. In order to exploit this vulnerability, the attacker would need to convince a site administrator to perform an action such as clicking on a link.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
