Vulnerability Name: ProfileGrid < 5.3.1 - Subscriber+ Arbitrary Password Reset

Description:
- The plugin provides an AJAX endpoint for resetting a user password but does not implement proper authorization. This allows a user with low privileges, such as a subscriber, to change the password of any account, including Administrator ones.

CVE: CVE-2023-0940

Affects Plugins:
- profilegrid-user-profiles-groups-and-communities: Fixed in version 5.3.1

Classification:
- Type: No Authorization
- OWASP Top 10: A5: Broken Access Control
- CWE: CWE-862
- CVSS: 8.8 (high)

Miscellaneous:
- Original Researcher: dc11
- Submitter: dc11
- Verified: Yes
- WPVDB ID: 56744f72-2d48-4f42-8195-24b4dd951bb5

Timeline:
- Publicly Published: 2023-02-27
- Added: 2023-02-27
- Last Updated: 2023-02-27