VYPR

Expire Users

by WordPress

Source repositories

CVEs (1)

  • CVE-2026-4261HigMar 21, 2026
    risk 0.57cvss 8.8epss 0.00

    The Expire Users plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.2. This is due to the plugin allowing a user to update the 'on_expire_default_to_role' meta through the 'save_extra_user_profile_fields' function. This makes it…