2 matches found
WordPress Flex Store Users plugin <= 1.1.0 - Unauthenticated Privilege Escalation vulnerability
Unauthenticated Privilege Escalation vulnerability discovered by シルAsuna in WordPress Plugin Flex Store Users versions = 1.1.0...
CVE-2025-13619
The Flex Store Users plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.0. This is due to the 'fsUserHandle::signup' and the 'fsSellerRole::addroleseller' functions not restricting what user roles a user can register with. This makes it possible f...