2 matches found
CVE-2025-11620
creationtimestamp| type| source ---|---|--- 2025-11-18 10:35:30+00:00| seen| https://gist.github.com/Darkcrai86/3b46318d5feadc46d810527e4fe7542f...
CVE-2025-11620
CVE-2025-11620 concerns the WordPress plugin Multiple Roles per User where a missing capability check on the functions mrpu_add_multiple_roles_ui and mrpu_save_multiple_user_roles in all versions up to 1.0 allows authenticated attackers with the edit_users capability to modify any user’s role (e....