Auth. Insecure Direct Object References (IDOR) vulnerability leading to arbitrary user password update discovered by cydave in the WordPress Directorist plugin (versions <= 7.4.2.1).
Update the WordPress Directorist plugin to the latest available version (at least 7.4.2.2).
CPE | Name | Operator | Version |
---|---|---|---|
directorist | le | 7.4.2.1 |