29Tem
CVE-2024-6366 | User Profile Builder Plugin up to 3.11.7 on WordPress Async Upload authorization
A vulnerability was found in User Profile Builder Plugin up to 3.11.7 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component Async Upload. The manipulation leads to missing authorization. This vulnerability is handled as CVE-2024-6366. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.