3 matches found
CVE-2023-6007
The UserPro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.1.1. This makes it possible for unauthenticated attackers to add, modify, or delete use...
CVE-2023-6007
CVE-2023-6007 affects the WordPress plugin UserPro – Community and User Profile WordPress Plugin . Root cause: a missing capability check on multiple functions in all versions up to 5.1.1, allowing unauthenticated attackers to perform data access and manipulation. Impact (as stated): attackers ca...
WordPress Userpro Plugin <= 5.1.1 is vulnerable to Broken Access Control
Software Userpro Type Plugin Vulnerable versions = 5.1.1 Fixed in 5.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6007 Patch priority Low CVSS severity Low 7.3 Developer Claim ownership PSID e8ac26fc5935 Credits István Márton Required privilege...