Cross-Site Request Forgery in User Access Manager Plugin for WordPress
CVE-2011-5328
8.8HIGH
Summary
The User Access Manager plugin for WordPress prior to version 1.2 is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability. This flaw permits attackers to send unauthorized requests on behalf of legitimate users, potentially compromising their access and causing unintended actions to be executed. It is crucial for users and administrators to upgrade to the latest version to mitigate such security risks.
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved