2 matches found
CVE-2024-12293
creationtimestamp| type| source ---|---|--- 2024-12-17 08:24:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113667204127803065 2024-12-17 10:55:41+00:00| seen| https://t.me/cvedetector/13077...
CVE-2024-12293
CVE-2024-12293 concerns the WordPress plugin User Role Editor. The vulnerability is a CSRF flaw in update_roles() that allows unauthenticated attackers to add or remove roles for arbitrary users, potentially escalating privileges to administrator. Affected versions are all up to and including 4.6...