← Back

Jonathonkemp

jonathonkemp

1 CVE • 1 product

Products (1)

Click to collapse
Toggle
Wordpress Users
wordpress_users
1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-6390
1Jonathonkemp
1Wordpress Users
Jun 17, 2026
Jan 29, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The WordPress Users WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.