Fiverr.com is a global online marketplace which provides a platform for people to sell their services for five dollars per job. The company ignored the advance warning of the critical bug reported responsibly by a vulnerability hunter and fails to patch up their website before his public release. The vulnerability is critical and should be fixed as soon as possible, the researcher has also provided a video demonstration of the vulnerability as a Proof of Concept. An attacker only needs to know the profile link of the victim in order to exploit the vulnerability. Once done, the attacker can take over the victim’s account just by changing the account password from the website.
Source: https://thehackernews.com/2014/08/hacking-fiverrcom-accounts_16.html