3 matches found
WordPress Userpro Plugin Authentication Bypass (CVE-2017-16562)
An authentication bypass vulnerability exists in WordPress Userpro Plugin. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Immunity Canvas: WPUSERPRO_RCE
Name| wpuserprorce ---|--- CVE| CVE-2017-16562 Exploit Pack| CANVAS Description| Wordpress Remote Command Execution Through UserPro Plugin login bypass Notes| References: https://www.exploit-db.com/exploits/43117/ Repeatability: Infinite VENDOR: UserPro Plugin CVE Url:...
CVE-2017-16562
The CVE-2017-16562 entry concerns the WordPress UserPro Plugin prior to version 4.9.17.1. The vulnerability allows remote attackers, when the site uses the default admin username, to bypass authentication and obtain administrative access by sending a true value for the up_auto_log parameter in th...