VYPR
Unrated severityNVD Advisory· Published Dec 12, 2022· Updated Apr 22, 2025

Directorist < 7.4.2.2 - Subscriber+ Arbitrary User Password Update via IDOR

CVE-2022-3930

Description

The Directorist WordPress plugin before 7.4.2.2 suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.