The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page
8.8CVSS
8.6AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept Stripe Donation β AidWP plugin <= 3.1.5 versions.
8.8CVSS
8.8AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin WordPress Books Gallery plugin <= 4.4.8 versions.
8.8CVSS
8.8AI Score
0.001EPSS
Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin β JobWP.This issue affects WordPress Job Board and Recruitment Plugin β JobWP: from n/a through 2.0.
10CVSS
9.4AI Score
0.001EPSS
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin β JobWP.This issue affects WordPress Job Board and Recruitment Plugin β JobWP: from n/a through 2.1.
7.5CVSS
7.4AI Score
0.001EPSS