Description
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor version 2.4.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.4.1 or latest
References
Related Vulnerabilities
phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-4558)
WordPress Plugin YITH WooCommerce Product Add-Ons Cross-Site Scripting (2.2.2)
WordPress Plugin Frontend File Manager Cross-Site Request Forgery (21.3)
TYPO3 Improper Input Validation Vulnerability (CVE-2010-3716)