Vulnerability CVE-2022-3419


Published: 2022-10-31

Description:
The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator

Type:

CWE-352

(Cross-Site Request Forgery (CSRF))

 References:
https://wpscan.com/vulnerability/5909a423-9841-449c-a569-f687c609817b

Copyright 2026, cxsecurity.com

 

Back to Top