What makes this now-patched plugin hole especially dangerous is the lack of authentication needed for an attack, which can give the ability to change root/admin passwords. The disclosure of a major ...