Freemius · Freemius SDK · CVE-2022-4974
**Name of the Vulnerable Software and Affected Versions**
Freemius SDK versions up to, and including 2.4.2
Freemius SDK versions prior to 2.4.3
**Description**
The issue concerns Cross-Site Request Forgery and information disclosure due to missing capability checks and nonce protection on the `_get_debug_log`, `_get_db_option`, and `_set_db_option` functions.
**Recommendations**
For Freemius SDK versions up to, and including 2.4.2, update to version 2.4.3 or later.
For Freemius SDK versions prior to 2.4.3, update to version 2.4.3 or later.
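
To apply the recommendation you first need to know which SDK copies are installed. The script below is an added example, not code from Freemius or from this advisory. It assumes the SDK is shipped inside plugin and theme directories and records its version in `start.php` as `$this_sdk_version = 'X.Y.Z';`. The directory names and file contents in the sample tree are constructed.

```python
import re
import sys
import tempfile
from pathlib import Path

FIXED = (2, 4, 3)  # first fixed release named in this advisory
# Assumption: the SDK records its version in start.php as
#   $this_sdk_version = 'X.Y.Z';
VERSION_RE = re.compile(r"\$this_sdk_version\s*=\s*['\"](\d+(?:\.\d+)*)['\"]")

def parse_version(text):
    """Return the SDK version as a tuple of ints, or None if absent."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def scan(root):
    """Classify every SDK copy found below root (e.g. wp-content)."""
    findings = []
    for path in sorted(Path(root).rglob("start.php")):
        text = path.read_text(errors="replace")
        version = parse_version(text)
        if version is None and "freemius" not in text.lower():
            continue                # some other project's start.php
        if version is None:
            status = "unknown"      # review by hand, do not assume safe
        elif version < FIXED:
            status = "vulnerable"
        else:
            status = "ok"
        findings.append((path.relative_to(root).as_posix(), version, status))
    return findings

def build_sample_tree(root):
    """Constructed sample data: fake plugins/themes with embedded SDK copies."""
    samples = {"plugins/plugin-a": "$this_sdk_version = '2.4.2';",
               "plugins/plugin-b": "$this_sdk_version = '2.4.3';",
               "plugins/plugin-c": "$this_sdk_version = '2.3.0.1';",
               "themes/theme-d": "// Freemius SDK, version line stripped"}
    for rel, line in samples.items():
        sdk_dir = Path(root) / rel / "freemius"
        sdk_dir.mkdir(parents=True)
        (sdk_dir / "start.php").write_text(f"<?php\n{line}\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        target = sys.argv[1] if len(sys.argv) > 1 else tmp
        if target == tmp:
            build_sample_tree(tmp)
        for rel, version, status in scan(target):
            shown = ".".join(map(str, version)) if version else "?"
            print(f"{status:<10} {shown:<8} {rel}")
```

Run it with a directory argument to scan a real install; with no argument it scans the constructed sample tree. Every copy reported as `vulnerable` or `unknown` needs the update to 2.4.3 or later, or a manual check.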