CVE-2020-36833

Vulnerability Description

The Indeed Membership Pro plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on various AJAX actions in versions 7.3 - 8.6. This makes it possible for authenticated attacker, with minimal permission, such as a subscriber, to perform a variety of actions such as modifying settings and viewing sensitive data.

Vulnerability Details

Published Date

October 16, 2024

Last Modified

October 16, 2024

Source

NVD

CVE-2020-36833

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment