Critical Vulnerability in WordPress Modular DS Plugin Actively Exploited

A critical vulnerability has been identified in the WordPress plugin Modular DS, which is currently being actively exploited by attackers. The flaw allows for unauthenticated privilege escalation and affects all versions of the plugin up to and including 2.5.1. No additional technical details (such as a CVE identifier or the exact mechanism) have been provided. The impact concerns websites using this plugin, which are exposed to potential takeovers.