WordPress uListing plugin <= 1.6.6 - Unauthenticated Arbitrary Roles and Capabilities Creation/Deletion vulnerability
- Unauthenticated Arbitrary Roles and Capabilities Creation/Deletion vulnerability found by Jerome Bruandet in WordPress uListing plugin (versions <= 1.6.6).
- Update the WordPress uListing plugin to the latest available version (at least 1.7).
OWASP Top 10 A7: Missing Function Level Access Control
- Name CVE-N/A
Fixed In 1.7
- Disclosure date
- Jerome Bruandet (NinTechNet)