A vulnerability, which was classified as problematic, was found in WP User Profile Avatar Plugin up to 1.0.0 on WordPress. This affects an unknown part of the component Avatar Handler. The manipulation leads to authorization bypass.
This vulnerability is uniquely identified as CVE-2023-6384. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.