cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2020-36666,https://securityvulnerability.io/vulnerability/CVE-2020-36666,Multiple e-plugins - Subscriber+ Privilege Escalation,"The affected E-Plugins WordPress plugins fail to implement adequate security measures for certain AJAX calls, leading to a vulnerability that could allow logged-in users to gain unauthorized admin privileges. This occurs through the function `iv_directories_update_profile_setting()`, which improperly processes data from AJAX requests without sufficient validation. As these plugins permit user registration through custom forms, this vulnerability poses a significant risk to websites utilizing them.",Wordpress,"Directory-pro,Final-user-WP-frontend-user-profiles,Producer-retailer,Photographer-directory,Real-estate-pro,Institutions-directory,Lawyer-directory,Doctor-listing,Hotel Listing,Fitness-trainer,WP-membership",8.8,HIGH,0.0011399999493733048,false,,false,false,false,,false,false,2023-03-27T15:37:27.159Z,0