5 matches found
CVE-2024-9822
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
CVE-2024-9822
creationtimestamp| type| source ---|---|--- 2024-10-11 06:08:39+00:00| seen| https://t.me/cvedetector/7656 2026-06-22 18:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3movi3dg6bp2k...
CVE-2024-9822 Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
CVE-2024-9822 Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
WordPress Pedalo Connector Plugin <= 2.0.5 is vulnerable to Broken Authentication
Software Pedalo Connector Type Plugin Vulnerable versions = 2.0.5 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9822 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4f984c880363 Credits István...