User Role Editor <= 4.24 - Privilege Escalation

Affects Plugin

fixed in version 4.25

References

URL https://www.wordfence.com/blog/2016/04/user-role-editor-vulnerability/

Classification

Type PRIVESC
OWASP Top 10 A2: Broken Authentication and Session Management
CWE CWE-269

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 7197
Verified No
WPVDB ID 8432

Timeline

Publicly Published 2016-04-05 (over 4 years ago)
Added 2016-04-05 (over 4 years ago)
Last Updated 2019-10-31 (8 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin