CVE-2021-47932 WordPress TheCartPress 1.5.3.6 Privilege Escalation Unauthenticated
WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX handler. Attackers can send POST requests to the tcpregisterandloginajax action with tcprole set to...