The post-pay-counter plugin before 2.731 for WordPress has PHP Object Injection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| post_pay_counter_project | post_pay_counter | * |
The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| post_pay_counter_project | post_pay_counter | * |