CSRF Vulnerability in WP User Groups 2.0.0 Allows Unauthorized Modification of User Groups and Types
CVE-2018-1000507 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
WP User Groups version 2.0.0 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in allows anybody to modify user groups and types. This attack appear to be exploitable via Admin must click on link. This vulnerability appears to have been fixed in 2.1.1.
Learn more about our User Device Pen Test.