2 matches found
CVE-2024-2417
The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the formsaveaction function in all versions up to, and including, 3.1.5. This makes it possible for...
WordPress User Registration Plugin <= 3.1.5 is vulnerable to Broken Access Control
Software User Registration Type Plugin Vulnerable versions = 3.1.5 Fixed in 3.2.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2417 Patch priority High CVSS severity High 8.8 Developer Masteriyo PSID f4d185ab446a Credits Stiofan Required privilege...