Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5.CreditsSulabh Jain | Patchstack Bug Bounty ProgramReferenceshttps://patchstack.com/database/wordpress/theme/constructor/vulnerability/wordpress-constructor-theme-1-6-5-broken-access-control-vulnerability?_s_id=cve
