UserPro Plugin Vulnerability Allows Account Takeover
Patchstack discovered the critical flaw in the plugin’s password reset mechanism, specifically within the userpro_process_form function, which allowed unauthenticated users to change the passwords of other users under certain conditions.
Cyware News – Latest Cyber News – Read More