9 matches found
CVE-2024-9822
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
CVE-2024-9822
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
CVE-2024-9822 Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
CVE-2024-9822 Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...
CVE-2024-9822
The Pedalo Connector plugin for WordPress (v
WordPress plugin Pedalo Connector 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Pedalo Connector plugin <= 2.0.5 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by István Márton in WordPress Plugin Pedalo Connector versions = 2.0.5...
WordPress Pedalo Connector Plugin <= 2.0.5 is vulnerable to Broken Authentication
Software Pedalo Connector Type Plugin Vulnerable versions = 2.0.5 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9822 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4f984c880363 Credits István...
PT-2024-39867 · WordPress · Pedalo Connector
Name of the Vulnerable Software and Affected Versions: The Pedalo Connector plugin for WordPress versions up to, and including, 2.0.5 Description: The issue is due to insufficient restriction on the login admin user function, making it possible for unauthenticated attackers to log in as the first...