MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) <= 10.1.2

The MonsterInsights WordPress plugin through 10.1.2 is vulnerable to unauthorized access and data modification, allowing authenticated attackers with subscriber-level access to retrieve Google OAuth tokens and reset Google Ads integration due to missing capability checks on `get_ads_access_token()` and `reset_experience()` functions.