2 matches found
CVE-2019-15111
The wp-front-end-profile plugin before 0.2.2 for WordPress has a privilege escalation issue...
CVE-2019-15111
CVE-2019-15111 affects the WordPress plugin wp-front-end-profile before 0.2.2. The root cause is a permissions/ACL flaw in the plugin that lets an attacker modify a user profile via POST data, overwriting wp_capabilities and wp_user_level to escalate privileges to administrator. Some reports also...