Unintended Account Creation Vulnerability in ConvertPlus Plugin for WordPress
CVE-2019-15863 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants.
Learn more about our Wordpress Pen Testing.