3 matches found
Exploit for Incorrect Implementation of Authentication Algorithm in Wpdirectorykit Wp_Directory_Kit
CVE-2025-13390 WP Directory Kit = 1.4.4 - Authentication B...
CVE-2025-13390
The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdkgenerateautologinlink" function. This is due to the feature using a cryptographically weak token...
EUVD-2025-200972
The WP Directory Kit plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.4.4 due to incorrect implementation of the authentication algorithm in the "wdkgenerateautologinlink" function. This is due to the feature using a cryptographically weak token...