Arbitrary Settings Update & Invitation Code Creation via CSRF vulnerability discovered by Daniel Ruf in WordPress New User Approve plugin (versions <= 2.3).
Update the WordPress New User Approve plugin to the latest available version (at least 2.4).
CPE | Name | Operator | Version |
---|---|---|---|
new user approve | le | 2.3 |