๐ Medium CVE-2021-24655: Wpusermanager Wp user manager
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: cxsecurity.com
The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the password (to an arbitrary value) of any user knowing only their ID, and gain access to their account. ...