CVE-2023-2434

Name of the Vulnerable Software and Affected Versions Nested Pages plugin for WordPress versions up to, and including, 3.2.3

Description The issue is related to a missing capability check on the reset function, which allows authenticated attackers with editor-level permissions and above to reset plugin settings, potentially leading to unauthorized loss of data.

Recommendations For Nested Pages plugin for WordPress versions up to, and including, 3.2.3, update to a version higher than 3.2.3 to resolve the issue. As a temporary workaround, consider restricting editor-level permissions to prevent unauthorized access to the plugin settings.