CVE-2021-24602

Summary

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page

Affected Software

VendorProductVersion RangeStatus
UnknownHM Multiple Roles1.3 < 1.3affected

Weaknesses

  • CWE-269: CWE-269 Improper Privilege Management

ADP Enrichment

CVE Program Container

Additional References

References