CVE-2023-41130

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Dec 13, 2024
CWE ID 862

Summary

CVE-2023-41130 is a Missing Authorization vulnerability affecting Premmerce User Roles, a plugin used for managing user roles in WordPress sites. The flaw permits unauthorized access to functionalities if the access control security levels are incorrectly configured. This issue affects versions of Premmerce User Roles from n/a to 1.0.12. Successful exploitation can result in serious data breaches and unintended modifications to the plugin's settings. Users are advised to update to the latest version or use alternate solutions to secure their WordPress installations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share