Missing Authorization vulnerability in theme funda Setup Default Featured Image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Setup Default Featured Image: from n/a through 1.2.
Solution:
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.