Full title: WordPress UserPro 5.1.x Password Reset / Authentication Bypass / Privilege Escalation Vulnerability 
Category: web applications
Platform: php
WordPress UserPro plugin versions 5.1.1 and below suffer from an insecure password reset mechanism, information disclosure, and authentication bypass vulnerabilities. Versions 5.1.4 and below suffer from privilege escalation and shortcode execution vulnerabilities.

# 0day.today @ http://0day.today/