Medium Severity Vulnerability Patched in User Profile Picture Plugin
|
System information
|
|
|
Affected software |
Wordpress |
Description
|
On February 15, 2021, our Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in User Profile Picture, a WordPress plugin installed on over 60,000 sites. The vulnerability made it possible for authenticated users with the upload_files capability to obtain sensitive user information. We initially reached out to Cozmoslabs, the […]
More info:
https://www.wordfence.com/blog/2021/03/medium-severity-vulnerability-patched-in-user-profile-picture-plugin/ |
Standar resources
|
Property |
Value |
CVE |
CVE-2021-24170. |