NotCVE - vendor:"User Drop Down Roles In Registration"

1 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-49217 – WordPress Adding drop down roles in registration plugin <= 1.1 - Privilege Escalation vulnerability

https://notcve.org/view.php?id=CVE-2024-49217

Incorrect Privilege Assignment vulnerability in Madiri Salman Aashish Adding drop down roles in registration allows Privilege Escalation.This issue affects Adding drop down roles in registration: from n/a through 1.1. The Adding drop down roles in registration plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1. This is due to the plugin not properly restricting what roles a user can register as. This makes it possible for unauthenticated attackers to register as an administrator. • https://patchstack.com/database/vulnerability/user-drop-down-roles-in-registration/wordpress-adding-drop-down-roles-in-registration-plugin-1-1-privilege-escalation-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment •