Description The plugin is vulnerable to unauthorized modifcation of data due to a missing capability check on the saveApiKey() function hooked via admin_init in all versions up to, and including, 3.0.8. This makes it possible for unauthenticated attackers to modify the API key for the…Read More