Description

WordPress Plugin User Registration & User Profile-Profile Builder is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently create new user accounts with admin privileges. WordPress Plugin User Registration & User Profile-Profile Builder version 2.3.5 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 2.3.6 or latest

References

Related Vulnerabilities