Report
The Newspack Newsletters plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the api_content function in versions up to, and including, 2.13.2. This makes it possible for unauthenticated attackers to retrieve campaign information.
Score:5.3
Severity:Medium
Version: 2.13.2
There is a patch available in v2.13.3 and we strongly recommend you update to this version as soon as possible.
