Report
The Gutenverse plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'data/update' API Endpoint function in versions up to, and including, 1.8.5. This makes it possible for unauthenticated attackers to perform an unauthorized data update.
Score:5.3
Severity:Medium
Version: 1.8.5
There is a patch available in v1.8.6 and we strongly recommend you update to this version as soon as possible.
