PT-2024-37570 · WordPress · User Profile Builder

Name of the Vulnerable Software and Affected Versions: User Profile Builder WordPress plugin versions prior to 3.11.8 Description: The issue allows unauthenticated users to upload media files via the async upload functionality of WordPress due to a lack of proper authorization. Recommendations: F...