WordPress Premmerce User Roles plugin <= 1.0.12 - Broken Access Control vulnerability
CVE-2023-41130
8.1HIGH
What is CVE-2023-41130?
The vulnerability in the Premmerce User Roles plugin for WordPress arises from missing authorization controls, allowing attackers to exploit incorrectly configured access levels. This issue potentially enables malicious users to gain unauthorized access to resource functionalities, permitting them to alter permissions or access sensitive information. Implementing proper access management practices is crucial for securing installations of the Premmerce User Roles plugin, particularly versions up to and including 1.0.12, to mitigate the risk of such unauthorized exploitations.
Affected Version(s)
Premmerce User Roles <= 1.0.12