Lucene search

K
patchstackFrancesco CarlucciPATCHSTACK:76F28EA67ED8AC65365C316830E57896
HistoryNov 15, 2021 - 12:00 a.m.

WordPress User meta shortcodes plugin <= 0.5 - Unauthorized Arbitrary User Metadata Access vulnerability

2021-11-1500:00:00
Francesco Carlucci
patchstack.com
5

0.001 Low

EPSS

Percentile

24.8%

Unauthorized Arbitrary User Metadata Access vulnerability discovered by Francesco Carlucci in WordPress User meta shortcodes plugin (versions <= 0.5).

Solution

Deactivate and delete. This plugin has been closed as of October 12, 2021 and is not available for download. This closure is temporary, pending a full review.

CPENameOperatorVersion
user meta shortcodesle0.5

0.001 Low

EPSS

Percentile

24.8%

Related for PATCHSTACK:76F28EA67ED8AC65365C316830E57896