CVE-2024-54294

🗓️ 13 Dec 2024 14:25:07Reported by PatchstackType

Authentication bypass vulnerability in Firebase OTP Authentication affects versions up to 1.0.1.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-54294	14 Dec 202400:59	–	circl
CNNVD	WordPress plugin Firebase OTP Authentication 安全漏洞	13 Dec 202400:00	–	cnnvd
Cvelist	CVE-2024-54294 WordPress Firebase OTP Authentication plugin <= 1.0.1 - Account Takeover vulnerability	13 Dec 202414:25	–	cvelist
EUVD	EUVD-2024-52417	3 Oct 202520:07	–	euvd
NVD	CVE-2024-54294	13 Dec 202415:15	–	nvd
Patchstack	WordPress Firebase OTP Authentication plugin <= 1.0.1 - Account Takeover vulnerability	11 Dec 202419:22	–	patchstack
Positive Technologies	PT-2024-36175 · Appgenixinfotech · Firebase Otp Authentication	13 Dec 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-54294	5 Feb 202503:58	–	redhatcve
Vulnrichment	CVE-2024-54294 WordPress Firebase OTP Authentication plugin <= 1.0.1 - Account Takeover vulnerability	13 Dec 202414:25	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (December 9, 2024 to December 15, 2024)	19 Dec 202417:13	–	wordfence

Vulners

Node

appgenix_infotech firebase_otp_authenticationRange≤1.0.1wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "authentication-via-otp-using-firebase",
    "product": "Firebase OTP Authentication",
    "vendor": "Appgenix Infotech",
    "versions": [
      {
        "lessThanOrEqual": "1.0.1",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/Wordpress/Plugin/authentication-via-otp-using-firebase/vulnerability/wordpress-firebase-otp-authentication-plugin-1-0-1-account-takeover-vulnerability

28 Apr 2026 16:10Current

7.2High risk

Vulners AI Score7.2

CVSS 3.19.8

EPSS0.00356

SSVC

CWE-288