The BAN Users plugin for WordPress is vulnerable to someone gaining access to more privileges than they should have. Versions up to and including 1.5.3 are affected. Someone with only limited permission, like a subscriber, could modify the plugin settings to give themselves the ability to ban and unban users and to choose what role the unbanned user would have.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
