CVE-2023-6390
CVE-2023-6390 is a CSRF vulnerability in WordPress Users plugin (version <= 1.4) where updating settings is not protected by CSRF checks, potentially allowing a logged-in admin to change settings via CSRF. The issue is documented across multiple sources, and no public patch/version fix is conf...