Edit (WPScanTeam): Even though the original advisory mentions that it only affect accounts with the administrator privilege, subscriber accounts and above can exploit the issue, as the nonce can be retrieved when submitting a request with a specific cookie, as described at https://www.wordfence.com/blog/2019/07/critical-vulnerability-patched-in-ad-inserter-plugin/
Wilfried Becard (Synacktiv.com)
Yes
2019-07-12 (about 3 years ago)
2019-07-12 (about 3 years ago)
2020-09-22 (about 2 years ago)