The MPG plugin for WordPress is not secure and can be accessed and changed without permission. This is because there is no check to make sure only authorized people can use certain functions. This means that anyone with a subscriber account or higher can upload csv files and see what is in MPG projects.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
