Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-6036
HistoryFeb 12, 2024 - 4:15 p.m.

CVE-2023-6036

2024-02-1216:15:07
[email protected]
web.nvd.nist.gov
web3 wordpress plugin
authentication bypass
incorrect authentication checking
login flow
non-authenticated attackers
administrator access

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions ‘handle_auth_request’ and ‘hadle_login_request’. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.

Related

cvelist 1
wpexploit 1
prion 1
wpvulndb 1
cve 1
githubexploit 1
cvelist
cvelist
CVE-2023-6036 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
2024-02-12 16:06:00
wpexploit
wpexploit
Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
2024-01-17 00:00:00
prion
prion
Authentication flaw
2024-02-12 16:15:00
wpvulndb
wpvulndb
Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
2024-01-17 00:00:00
cve
cve
CVE-2023-6036
2024-02-12 16:15:07
githubexploit
githubexploit
Exploit for CVE-2023-6036
2024-01-31 16:58:48

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for NVD:CVE-2023-6036
cvelist1wpexploit1prion1wpvulndb1cve1githubexploit1