4 matches found
CVE-2024-35700
Incorrect Privilege Assignment vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.8...
CVE-2024-35700 WordPress UserPro plugin <= 5.1.8 - Unauthenticated Account Takeover vulnerability
Improper Privilege Management vulnerability in DeluxeThemes Userpro allows Privilege Escalation.This issue affects Userpro: from n/a through 5.1.8...
CVE-2024-35700
CVE-2024-35700 affects the WordPress plugin “UserPro” (DeluxeThemes) up to version 5.1.8. The issue is described as Improper Privilege Management enabling Unauthenticated Account Takeover with privilege escalation. Impact as stated: confidential and integrity/availability impact; CVSS v3.1 base s...
WordPress Userpro Plugin <= 5.1.8 is vulnerable to Privilege Escalation
Software Userpro Type Plugin Vulnerable versions = 5.1.8 Fixed in 5.1.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-35700 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID fbe11c6e1e92 Credits Rafie Muhammad...