A critical vulnerability has been discovered in the popular Profile Builder and Profile Builder Pro plugins, with over 50,000 active installations.
The flaw, identified during a routine audit of various WordPress plugins, allows unauthenticated attackers to escalate their privileges and gain administrative access to targeted sites without possessing account credentials.
https://cybersecuritynews.com/wordpress-plugin-flaw-2/