The User Role by BestWebSoft WordPress plugin prior to 1.6.7 does not protect against CSRF in requests to update role capabilities, leading to arbitrary privilege escalation of any role.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bestwebsoft user role |