User Role Editor Pro 4.64.4 was published at December 15th, 2024. It contains important security fix. It’s recommended to install it ASAP.
Changes List
Core version: 4.64.4
- Core version was updated to 4.64.4
- Security Fix: Users – “Add Role”, “Revoke Role” buttons: Cross-Site request forgery to privilege escalation was possible due to missed nonce validation. This issue was discovered and responsibly reported by vgo0.
