The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not validate that the value passed to the image_id parameter of the ajax action wpqa_remove_image belongs to the requesting user, allowing any users (with privileges as low as Subscriber) to delete the profile pictures of any other user.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/7ee95a53-5fe9-404c-a77a-d1218265e4aa | Exploit Third Party Advisory |
Configurations
Information
Published : 2022-05-16 08:15
Updated : 2022-05-24 14:39
NVD link : CVE-2022-1349
Mitre link : CVE-2022-1349
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
2code
- wpqa_builder