User Meta Shortcodes
Monthly
The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user with a role as low as contributor to access other users metadata by specifying the user login as a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The User Meta Shortcodes WordPress plugin through 0.5 registers a shortcode that allows any user with a role as low as contributor to access other users metadata by specifying the user login as a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.