Cozmoslabs - Profile Builder CVE

Filtered by vendor Cozmoslabs Subscribe

Filtered by product Profile Builder

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-24527	1 Cozmoslabs	1 Profile Builder	2021-08-23	10.0 HIGH	9.8 CRITICAL
The User Registration & User Profile â€“ Profile Builder WordPress plugin before 3.4.9 has a bug allowing any user to reset the password of the admin of the blog, and gain unauthorised access, due to a bypass in the way the reset key is checked. Furthermore, the admin will not be notified of such change by email for example.

Vulnerabilities (CVE)