Thanks for that info.
I have set this plugin to require ‘Author’ privileges to be able to manage/update the calendar and there are only 3 trusted users who have this level of privilege.
With this restriction, are we still vulnerable to an attack?
Regards criticality, a bad actor would have to have both access to your WordPress dashboard and that too be a privileged user (by default this level is contributor), providing you trust your users at this level, the risk will be minimal.
Viewing 3 replies - 1 through 3 (of 3 total)
The topic ‘Why has this plugin been withdrawn’ is closed to new replies.