Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | Exploit for Incorrect Authorization in Miniorange Web3_-_Crypto_Wallet_Login_\&_Nft_Token_Gating | 31 Jan 202416:58 | – | githubexploit |
 | CVE-2023-6036 | 1 Feb 202411:03 | – | circl |
 | WordPress Plugin Web3 Security Vulnerability | 12 Feb 202400:00 | – | cnnvd |
 | CVE-2023-6036 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass | 12 Feb 202416:06 | – | cvelist |
 | CVE-2023-6036 | 12 Feb 202416:15 | – | nvd |
 | WordPress Web3 – Crypto wallet Login & NFT token gating Plugin < 3.0.0 is vulnerable to Broken Authentication | 13 Feb 202400:00 | – | patchstack |
 | Authentication flaw | 12 Feb 202416:15 | – | prion |
 | PT-2024-1507 · WordPress · Web3 | 17 Jan 202400:00 | – | ptsecurity |
 | CVE-2023-6036 | 23 May 202502:06 | – | redhatcve |
 | CVE-2023-6036 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass | 12 Feb 202416:06 | – | vulnrichment |
10
Node
[
{
"vendor": "Unknown",
"product": "Web3",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "3.0.0"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | request body | wp-admin/admin-ajax.php | Authentication bypass via admin-ajax login flow using crafted parameters in the login request | CWE-863 |
| request | request body | wp-admin/admin-ajax.php | Authentication bypass via admin-ajax login flow using crafted parameters in the login request | CWE-863 |
| address | request body | wp-admin/admin-ajax.php | Authentication bypass via admin-ajax login flow using crafted parameters in the login request | CWE-863 |
| mo_web3_verify_nonce | request body | wp-admin/admin-ajax.php | Authentication bypass via admin-ajax login flow using crafted parameters in the login request | CWE-863 |
| address | request body | wp-admin/admin-ajax.php | Follow-up login request using a forged nonce to complete bypass and obtain credentials | CWE-863 |
| nonce | request body | wp-admin/admin-ajax.php | Follow-up login request using a forged nonce to complete bypass and obtain credentials | CWE-863 |
| mo_web3_hiddenform_nonce | request body | wp-admin/admin-ajax.php | Follow-up login request using a forged nonce to complete bypass and obtain credentials | CWE-863 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 May 2025 19:15Current
6.6Medium risk
Vulners AI Score6.6
CVSS 3.19.8
EPSS0.56304
SSVC