2 matches found
CVE-2023-3713
CVE-2023-3713 affects ProfileGrid – User Profiles, Memberships, Groups and Communities (WordPress). Up to version 5.5.1, a missing capability check in profile_magic_check_smtp_connection allows authenticated users with subscriber-level+ privileges to arbitrarily modify site options, enabling priv...
WordPress ProfileGrid Plugin <= 5.5.1 is vulnerable to Broken Access Control
Software ProfileGrid Type Plugin Vulnerable versions = 5.5.1 Fixed in 5.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-3713 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 8475e71147a0 Credits Lana Codes Required privilege...