CVE-2019-15863

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/09/2019
Last modified:
24/08/2020

Description

The ConvertPlus plugin before 3.4.5 for WordPress has an unintended account creation (with the none role) via a request for variants.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:convertplug:convertplus:*:*:*:*:*:wordpress:*:* 3.4.5 (excluding)


References to Advisories, Solutions, and Tools