Unrated severityNVD Advisory· Published Dec 12, 2022· Updated Apr 22, 2025
Directorist < 7.4.2.2 - Subscriber+ Arbitrary User Password Update via IDOR
CVE-2022-3930
Description
The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3(expand)+ 1 more
- (no CPE)
- (no CPE)range: <7.4.2.2
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/8728d02a-51db-4447-a843-0264b6ceb413mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.