
490 matches found

Positive Technologies · added 2025/01/27 12:0 a.m. · 3 views

PT-2025-5092 · WordPress · Wp Busters Passwordless Wp

Name of the Vulnerable Software and Affected Versions: WP Busters Passwordless WP – Login with your glance or fingerprint, versions 1.1.6 and earlier. Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected cross-site scripting XS...

CVSS 7.1 · AI score 8.9 · EPSS 0.00211
Exploits 0 · References 5
Patchstack · added 2025/01/16 6:42 p.m. · 2 views

WordPress Passwordless WP – Login with your glance or fingerprint Plugin <= 1.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Passwordless WP – Login with your glance or fingerprint versions <= 1.1.6...

CVSS 7.1 · AI score 6.1 · EPSS 0.00211
Exploits 0 · Affected Software 1
NVD · added 2024/12/31 2:15 a.m. · 12 views

CVE-2024-12838

The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators...

CVSS 8.8 · EPSS 0.00714
Exploits 0 · References 2
Prion · added 2024/12/31 2:15 a.m. · 2 views

CVE-2024-12838

The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators...

CVSS 8.8 · EPSS 0.00714
Exploits 0 · References 2
CVE · added 2024/12/31 1:24 a.m. · 49 views

CVE-2024-12838

CVE-2024-12838 affects CGFIDO (passwordless login) from Changing Information Technology. The vulnerability is an Authentication Bypass in the passwordless login mechanism, enabling remote attackers with regular privileges to send a crafted request and switch to the identity of any user, including...

CVSS 8.8 · AI score 8.7 · EPSS 0.00714
Exploits 0 · References 2
Cvelist · added 2024/12/31 1:24 a.m. · 28 views

CVE-2024-12838 Changing Information Technology CGFIDO - Authentication Bypass

The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators...

CVSS 8.8 · EPSS 0.00714
Exploits 0 · References 2
Positive Technologies · added 2024/12/31 12:0 a.m. · 3 views

PT-2024-17757 · Cgfido · Cgfido

Name of the Vulnerable Software and Affected Versions: CGFIDO, affected versions not specified. Description: The passwordless login mechanism in CGFIDO has an Authentication Bypass issue, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any...

CVSS 8.8 · AI score 7.2 · EPSS 0.00714
Exploits 0 · References 9
HackRead · added 2024/12/04 7:30 p.m. · 5 views

Are We on the Brink of Saying Goodbye to Passwords?

Explore the transition from passwords to a passwordless future: enhanced security, convenience, and cutting-edge innovations in biometrics and…...

AI score 7.2
Exploits 0
CNNVD · added 2024/12/02 12:0 a.m. · 2 views

Victure RX1800 WiFi 6 Security Vulnerability

The Victure RX1800 WiFi 6 is a wireless router from Victure. A security vulnerability exists in the Victure RX1800 WiFi 6 that stems from the TELNET service being enabled and exposed over the LAN. The root account can be accessed without a password, allowing an attacker to remotely take full...

CVSS 8.8 · AI score 6.8 · EPSS 0.00452
Exploits 0 · References 2
OSV · added 2024/11/20 9:15 a.m. · 4 views

CVE-2024-10127

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration...

CVSS 9.8 · AI score 5.8 · EPSS 0.00597
Exploits 0 · References 2
ATTACKERKB · added 2024/11/20 9:15 a.m. · 2 views

CVE-2024-10127

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration...

CVSS 9.8 · AI score 5.4 · EPSS 0.00597
Exploits 0 · References 3
GithubExploit · added 2024/11/05 10:4 p.m. · 80 views

Exploit for Improper Authentication in Swoopnow 1-Click_Login\:_Passwordless_Authentication

CVE-2024-50478 1-Click Login: Passwordless Authentication 1.4...

CVSS 9.8 · AI score 9.7 · EPSS 0.01092
Exploits 1
OSV · added 2024/11/01 10:15 p.m. · 1 views

CVE-2024-9191

The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine...

CVSS 7.8 · AI score 5.8 · EPSS 0.00239
Exploits 0 · References 2
CVE · added 2024/11/01 9:21 p.m. · 54 views

CVE-2024-9191

The CVE concerns Okta Verify on Windows where the Device Access feature exposes the OktaDeviceAccessPipe, enabling a compromised device user to retrieve passwords for Desktop MFA passwordless logins. Affected component: Okta Verify agent for Windows with Okta Device Access passwordless feature en...

CVSS 7.8 · AI score 6.9 · EPSS 0.00239
Exploits 0 · References 2 · Affected Software 1
Cvelist · added 2024/11/01 9:21 p.m. · 15 views

CVE-2024-9191

The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine...

CVSS 7.1 · EPSS 0.00239
Exploits 0 · References 2
Vulnrichment · added 2024/11/01 9:21 p.m. · 13 views

CVE-2024-9191

The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine...

CVSS 7.1 · AI score 6.9 · EPSS 0.00239
Exploits 0 · References 2
CNNVD · added 2024/11/01 12:0 a.m. · 4 views

Okta Verify Security Vulnerability

Okta Verify is a lightweight application from Okta that allows you to securely access your apps with two-step verification, ensuring that you and only you have access to your app account. A security vulnerability exists in Okta Verify versions 5.0.2 through 5.3.2, which originates in the Windows...

CVSS 7.8 · AI score 6.7 · EPSS 0.00239
Exploits 0 · References 2
OSV · added 2024/10/28 1:15 p.m. · 1 views

CVE-2024-50478

Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass. This issue affects 1-Click Login: Passwordless Authentication: 1.4.5...

CVSS 9.8 · AI score 5.8 · EPSS 0.01092
Exploits 1 · References 1
Cvelist · added 2024/10/28 12:32 p.m. · 24 views

CVE-2024-50478 WordPress 1-Click Login: Passwordless Authentication plugin 1.4.5 - Broken Authentication vulnerability

Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass. This issue affects 1-Click Login: Passwordless Authentication: 1.4.5...

CVSS 9.8 · EPSS 0.01092
Exploits 1 · References 1
CVE · added 2024/10/28 12:32 p.m. · 51 views

CVE-2024-50478

CVE-2024-50478 (WordPress 1-Click Login: Passwordless Authentication plugin, v1.4.5) exists as an Authentication Bypass via a primary weakness. The public Exploit for CVE-2024-50478 demonstrates unauthenticated token-based login bypass to impersonate another user (e.g., admin) using a crafted JWT...

CVSS 9.8 · AI score 5.2 · EPSS 0.01092
Exploits 1 · References 1 · Affected Software 1