CVE-2021-24779

Name of the Vulnerable Software and Affected Versions: WP Debugging WordPress plugin versions prior to 2.11.0

Description: The issue concerns the update settings() function, which is hooked to admin init and lacks authorization and CSRF checks. This allows settings to be updated by unauthenticated users.

Recommendations: For WP Debugging WordPress plugin versions prior to 2.11.0, update to version 2.11.0 or later to resolve the issue. As a temporary workaround, consider disabling the update settings() function until a patch is available.