CVE-2023-50882

Name of the Vulnerable Software and Affected Versions ProfilePress versions n/a through 4.13.2

Description The issue is related to a Missing Authorization vulnerability in ProfilePress Membership Team, allowing exploitation of incorrectly configured access control security levels.

Recommendations For versions n/a through 4.13.2, update to a version later than 4.13.2 to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the ProfilePress Membership Team to minimize the risk of exploitation.