UsersWP Missing Authorization Vulnerability Allowing Access Control Misconfiguration
Vulnerability
A missing authorization vulnerability has been identified in the UsersWP plugin for WordPress, specifically in versions through 1.2.47. This vulnerability allows for the exploitation of improperly configured access control security levels, leading to broken access control issues.
Impact
Exploitation of this vulnerability could result in unauthorized access to restricted areas or functionalities within the WordPress site, allowing users to perform actions or access information they should not be able to.
Added: Nov 21, 2025, 1:30 PM
Updated: Nov 21, 2025, 3:26 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
3.1exploitability
5.2remediation
0.0relevance
1.1threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.