WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. WordPress Simple JWT Login plugin has an access control error vulnerability in versions prior to 3.2.1, which stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An attacker could update settings such as HMAC authentication keys, account registration, and default user roles.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress simple jwt login plugin | lt | 3.2.1 |