CVE

CVE-2023-0820

CVE-2023-0820

The User Role by BestWebSoft WordPress plugin before 1.6.7 does not protect against CSRF in requests to update role capabilities, leading to arbitrary privilege escalation of any role.

Source: CVE-2023-0820

Exit mobile version