Skip to main content

Hm Multiple Roles

1 CVEs product

Monthly

CVE-2021-24602 HIGH POC This Week

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Privilege Escalation Hm Multiple Roles
NVD WPScan
CVSS 3.1
8.8
EPSS
1.5%
EPSS 2% CVSS 8.8
HIGH POC This Week

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Privilege Escalation Hm Multiple Roles
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy