The UserPro plugin for WordPress is vulnerable to unauthorized access of data, modification of data, loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.1.1. This makes it possible for unauthenticated attackers to add, modify, or delete user meta and plugin options.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: Wordfence
Published: 2023-11-22T15:33:25.681Z
Updated: 2024-08-02T08:14:25.142Z
Reserved: 2023-11-08T05:31:49.918Z
Link: CVE-2023-6007

No data.

Status : Modified
Published: 2023-11-22T16:15:15.210
Modified: 2024-11-21T08:42:58.127
Link: CVE-2023-6007

No data.