CVE-2023-6741

The WP Customer Area WordPress plugin before 8.2.1 does not properly validate users capabilities in some of its AJAX actions, allowing malicious users to edit other users' account address. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt