Closed georgeolaru closed 1 year ago
There seems to be an issue regarding a missing WP Nonce which could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication.
Reference
@pixelgradebot whenever you have some free time, please take a look over this. Thanks!
Fixed in https://github.com/pixelgrade/pixtypes/commit/b8c08c04d18ac17354836cb942233e3370ffc332
@pixelgradebot There is a related issue on the PixFields plugin: https://github.com/pixelgrade/pixfields/issues/13
There seems to be an issue regarding a missing WP Nonce which could allow a malicious actor to force higher privileged users to execute unwanted actions under their current authentication.
Reference
@pixelgradebot whenever you have some free time, please take a look over this. Thanks!