Date published: 2014-05-22T11:13:05.097-04:00
Date last modified: 2014-06-27T12:52:11.297-04:00
CVSS Score: 5.0
Principal attack vector: NETWORK
Reference URL: http://wordpress.org/plugins/tinymce-colorpicker/changelog
Summary: The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.