← Back to CVE List
CVE-2023-4059
The Profile Builder WordPress plugin before 3.9.8 lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt