Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-4059

Disclosure Date: September 04, 2023 (last updated October 08, 2023)
The Profile Builder WordPress plugin before 3.9.8 lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0