The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPress has insufficient restrictions on option changes (such as disabling unattended theme updates) because of a nonce check error.Referenceshttps://wordpress.org/plugins/stops-core-theme-and-plugin-updates/#developershttps://wpvulndb.com/vulnerabilities/9837
