The Bulletin plugin for WordPress, called the WordPress Announcement & Notification Banner Plugin, has a security vulnerability. This means that people who are able to log in as administrators or higher can add their own commands to the database. These commands can be used to access private information. This vulnerability exists in versions up to and including 3.8.5.