CVE-2018-1000507

WP User Groups version 2.0.0 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in allows anybody to modify user groups and types. This attack appear to be exploitable via Admin must click on link. This vulnerability appears to have been fixed in 2.1.1.
References
Link Resource
https://advisories.dxw.com/advisories/csrf-wp-user-groups/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:jjj:wp_user_groups:2.0.0:*:*:*:*:wordpress:*:*

Information

Published : 2018-06-26 04:29

Updated : 2018-08-30 05:32


NVD link : CVE-2018-1000507

Mitre link : CVE-2018-1000507

Products Affected
No products.
CWE