CVE-2026-5617

The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the handlereturntoadmin function trusting a client-controlled cookie oclauporiginaladmin to determine which user to authenticate as, without any server-side...

CVE-2026-23624 GLPI is vulnerable to session stealing on externally authenticated user change

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVE-2026-0492 Privilege escalation vulnerability in SAP HANA database

SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability...

EUVD-2012-1121

Malware in sbrugna...

EUVD-2024-36759

Malicious code in bioql PyPI...

CVE-2023-2546

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpusallowusertoadminbarmenu' function with the 'wpuswhoswitch' cookie value. This makes it possible for authenticated...

CVE-2024-37560

Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through 1.1.0...

CVE-2024-37560

Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through 1.1.0...

CVE-2024-37560

CVE-2024-37560 is an improper privilege management vulnerability in the WP User Switch WordPress plugin (affecting versions from n/a through 1.1.0). The issue enables privilege escalation within the plugin. Public exploit details are not provided in the documents. The CVE entry notes this vulnera...

CVE-2024-37560 WordPress WP User Switch plugin <= 1.1.3 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in iqbalrony WP User Switch wp-user-switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through = 1.1.3...

CVE-2024-37560 WordPress WP User Switch plugin <= 1.1.0 - Privilege Escalation vulnerability

Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through 1.1.0...

WordPress plugin WP User Switch security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress WP User Switch plugin <= 1.1.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin WP User Switch versions = 1.1.2...

WordPress WP User Switch Plugin <= 1.1.0 is vulnerable to Privilege Escalation

Software WP User Switch Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-37560 Patch priority High CVSS severity High 8 Developer Claim ownership PSID c3c5058a170b Credits thiennv...

VulnCheck KEV: CVE-2024-37560

Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through 1.1.0...

Apple macOS Ventura Security Vulnerability

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.6.4, which originates from a local attacker who may be able to view the desktop of a previously logged-in user from the Quick User Switch scree...

CVE-2023-2546

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpusallowusertoadminbarmenu' function with the 'wpuswhoswitch' cookie value. This makes it possible for authenticated...

CVE-2023-2546

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpusallowusertoadminbarmenu' function with the 'wpuswhoswitch' cookie value. This makes it possible for authenticated...

Authentication flaw

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpusallowusertoadminbarmenu' function with the 'wpuswhoswitch' cookie value. This makes it possible for authenticated...

CVE-2023-2546

CVE-2023-2546 affects the WordPress plugin WP User Switch. Vulnerability arises from incorrect authentication in wpus_allow_user_to_admin_bar_menu that uses the wpus_who_switch cookie, allowing an authenticated user with subscriber-level permissions or higher to impersonate any existing user (e.g...