Lucene search
K

9 matches found

NVD
NVD
added 2024/10/11 3:15 a.m.19 views

CVE-2024-9822

The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...

9.8CVSS0.00905EPSS
Exploits0References2
OSV
OSV
added 2024/10/11 3:15 a.m.5 views

CVE-2024-9822

The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...

9.8CVSS5.8AI score0.00905EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/11 2:32 a.m.11 views

CVE-2024-9822 Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator

The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...

9.8CVSS7.2AI score0.00905EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/11 2:32 a.m.31 views

CVE-2024-9822 Pedalo Connector <= 2.0.5 - Authentication Bypass to Administrator

The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'loginadminuser' function. This makes it possible for unauthenticated attackers to log to the first user, who is usually the...

9.8CVSS0.00905EPSS
Exploits0References2
CVE
CVE
added 2024/10/11 2:32 a.m.64 views

CVE-2024-9822

The Pedalo Connector plugin for WordPress (v

9.8CVSS9.7AI score0.00905EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/10/11 12:0 a.m.6 views

WordPress plugin Pedalo Connector 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS6.5AI score0.00905EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/10 3:12 p.m.6 views

WordPress Pedalo Connector plugin <= 2.0.5 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by István Márton in WordPress Plugin Pedalo Connector versions = 2.0.5...

9.8CVSS7AI score0.00905EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/10 12:0 a.m.12 views

WordPress Pedalo Connector Plugin <= 2.0.5 is vulnerable to Broken Authentication

Software Pedalo Connector Type Plugin Vulnerable versions = 2.0.5 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9822 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4f984c880363 Credits István...

9.8CVSS9.5AI score0.00905EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/10 12:0 a.m.9 views

PT-2024-39867 · WordPress · Pedalo Connector

Name of the Vulnerable Software and Affected Versions: The Pedalo Connector plugin for WordPress versions up to, and including, 2.0.5 Description: The issue is due to insufficient restriction on the login admin user function, making it possible for unauthenticated attackers to log in as the first...

9.8CVSS7AI score0.00905EPSS
Exploits0References12
Rows per page
Query Builder