The Woffice CRM theme for WordPress has a security issue that makes it vulnerable to unauthorized access. This is because the roles that are not allowed to register are not configured properly. This means that hackers can register as an Administrator if a custom login form is used. This can also be combined with another security issue to bypass the user approval process.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
