Vulnerability CVE-2022-3930
Published: 2022-12-12

Description:
The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.

Type:

CWE-639

 (Authorization Bypass Through User-Controlled Key)

 References:
https://wpscan.com/vulnerability/8728d02a-51db-4447-a843-0264b6ceb413
Copyright 2026, cxsecurity.com

 

Back to Top