7.3 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.1%
The User Role by BestWebSoft WordPress plugin before 1.6.7 does not protect against CSRF in requests to update role capabilities, leading to arbitrary privilege escalation of any role.