CVE-2019-9574
The WP Human Resource Management plugin before 2.2.6 for WordPress does not ensure that a leave modification occurs in the context of the Administrator or HR Manager role.
Date published : 2019-03-05
http://www.securityfocus.com/bid/107464