CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-3419

The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.1%

CVSS Severity

CVSS v3 Score 6.5

References

https://wpscan.com/vulnerability/5909a423-9841-449c-a569-f687c609817b
https://wpscan.com/vulnerability/5909a423-9841-449c-a569-f687c609817b

Products affected by CVE-2022-3419

Addify » Automatic User Roles Switcher » Version: Any

cpe:2.3:a:addify:automatic_user_roles_switcher:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-3419

Products

Pricing

Contact Us