The Leyka plugin for WordPress is a piece of software that can be used to accept donations from visitors on a website. Unfortunately, versions of the software up to and including 3.3.0 have a security flaw that allows donors to gain access to administrator accounts. This is done by setting the same password when initially creating their account as the administrator account.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
