The Organic Groups Menu (aka OG Menu) module before 7.x-2.2 for Drupal allows remote authenticated users with the "access administration pages" permission to change module settings via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Privilege Escalation
Organic Groups Menu
NVD
CVSS 2.0
3.5
EPSS
0.2%