Source: National Vulnerability Database

The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden in its registration form, which contains the role for the account to be created with, encrypted via wpuf_encryption(). This could allow an attacker having

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24649

71 hits since 2022-11-21

PHP Vulns Source Ratio: 16% (8192 total, 670 propagated, 4096 filtered)