Description
WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently change the password of arbitrary users. WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor version 1.1.59 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.60 or latest
References
Related Vulnerabilities
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress SQL Injection (3.11.1)
WordPress Plugin The Crawl Rate Tracker 'sbtracking-chart-data.php' SQL Injection (2.0.2)
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Disclosure (3.7)
SharePoint CVE-2021-40487 Vulnerability (CVE-2021-40487)
Oracle Database Server CVE-2019-2749 Vulnerability (CVE-2019-2749)