The UserPro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.1.1. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Wordfence
Published: 2023-11-22T15:33:25.681Z
Updated: 2023-11-22T15:33:25.681Z
Reserved: 2023-11-08T05:31:49.918Z
Link: CVE-2023-6007
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-22T16:15:15.210
Modified: 2023-11-29T19:01:54.823
Link: CVE-2023-6007
JSON object: View
Redhat Information
No data.
CWE