Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-0820

Disclosure Date: April 03, 2023 (last updated October 08, 2023)
The User Role by BestWebSoft WordPress plugin before 1.6.7 does not protect against CSRF in requests to update role capabilities, leading to arbitrary privilege escalation of any role.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0