Xola <= 1.6 - Missing Authorization
EntreBase Advisory: The Xola plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.
Read more about this vulnerability: https://www.wordfence.com/threat-intel/vulnerabilities/id/f5b18726-a880-4e06-8f33-77aea7323000?source=api-prod
