CVE-2014-3844

The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.

Date published : 2014-05-22

http://wordpress.org/plugins/tinymce-colorpicker/changelog

http://secunia.com/advisories/58095