Medium severity4.3NVD Advisory· Published Jan 22, 2024· Updated Jun 17, 2026
CVE-2023-6384
CVE-2023-6384
Description
The WP User Profile Avatar WordPress plugin before 1.0.1 does not properly check for authorisation, allowing authors to delete and update arbitrary avatar
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<1.0.1+ 1 more
- (no CPE)range: <1.0.1
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/fbdefab4-614b-493b-a9ae-c5aeff8323ef/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.