CVE-2023-2546
CVE-2023-2546 affects the WordPress plugin WP User Switch. Vulnerability arises from incorrect authentication in wpus_allow_user_to_admin_bar_menu that uses the wpus_who_switch cookie, allowing an authenticated user with subscriber-level permissions or higher to impersonate any existing user (e.g...