The Plausible Analytics plugin had an issue with its security settings in versions up to 1.2.3. This issue allowed any user, even those with limited capabilities like subscribers, to make changes to the settings without authorization. The issue was caused by the save_admin_settings() function not being properly configured with a capability and nonce check.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
