The wp-invoice plugin before 4.1.1 for WordPress has wpi_update_user_option privilege escalation.Referenceshttps://wpvulndb.com/vulnerabilities/8378https://wordpress.org/plugins/wp-invoice/#developershttp://www.pritect.net/blog/wp-invoice-4-1-1-security-vulnerabilities
