CVE-2023-6824

The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt