ImageManager plugin contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to the plugin not properly authenticating users. A remote attacker could use this vulnerability to bypass authentication and upload or delete images. No further details have been provided.
Upgrade to version 1.4.0a or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.