Description
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.
Remediation
References
Related Vulnerabilities
WordPress Plugin PWG Random Cross-Site Request Forgery (1.11)
WordPress Plugin Contact Form 7 Database Information Disclosure (1.3)
WordPress Plugin Ecommerce-Two Factor Authentication Cross-Site Scripting (1.0.4)
WordPress Plugin Zingiri Web Shop 'uploadfilexd.php' Arbitrary File Upload (2.4.3)
WordPress Plugin YITH WooCommerce Zoom Magnifier Cross-Site Scripting (1.1.8)