That should hurt. After the massive login password sloppiness recently, there is now the next problem of this nature on Macs. Affected is now the Mac App Store in macOS High Sierra. There you can probably change the settings with any password.
It may be a trifle in a way, because you can not really do much in the app store settings. The possibility on the Mac then without additional password indication Apps to buy is probably the worst. However, not only does one have to have direct access to the Mac to take advantage of this gap, but also be on the go in an admin account. The hurdles are great, the effect is low, but still this should be another embarrassing case for Apple, which puts their reputation as a particularly secure system software in the shade.
macOS 10.13.3 should probably fix the error.