4 matches found
CVE-2022-3419
The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator...
WordPress plugin Automatic User Roles Switcher 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in the WordPress...
CVE-2022-3419 Automatic User Roles Switcher < 1.1.2 - Subscriber+ Privilege Escalation
The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator...
WordPress Automatic User Roles Switcher premium plugin <= 1.1.1 - Auth. Privilege Escalation vulnerability
Auth. Privilege Escalation vulnerability discovered by WPScan in WordPress Automatic User Roles Switcher premium plugin versions = 1.1.1. Solution Update the WordPress Automatic User Roles Switcher plugin to the latest available version at least 1.1.2...