Report
All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated and authenticated users, allowing unauthenticated attackers to modify various data in the plugin, such as add/edit/delete arbitrary tabs.
Score:5.3
Severity:Medium
Version: 1.3.1
There is a patch available in v1.3.2 and we strongly recommend you update to this version as soon as possible.
