Logo Carousel <= 3.4.1 is vulnerable to Unauthorized Private Post Access

Contributor
Published: 2021-11-21

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature.

CVSS

Score: 3.8

Severity: Low

Version: 3.4.1

There is a patch available in v3.4.2 and we strongly recommend you update to this version as soon as possible.