2 matches found
CVE-2025-5190
The Browse As plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2. This is due to incorrect authentication checking in the 'ISBABrowseAs::notice' function with the 'isbaoriginaluserCOOKIEHASH' cookie value. This makes it possible for authenticated...
CVE-2025-5190 Browse As <= 0.2 - Authenticated (Subscriber+) Authentication Bypass via Cookie
The Browse As plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2. This is due to incorrect authentication checking in the 'ISBABrowseAs::notice' function with the 'isbaoriginaluserCOOKIEHASH' cookie value. This makes it possible for authenticated...