The QuickSwish plugin for WordPress is not secure in versions 1.0.9 and earlier. This means that people who are not authorized to do so could activate plugins that have been installed but not activated on the site. They could do this by making a fake request and getting a site administrator to do something like click on a link.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
