8 matches found
Exploit for Authentication Bypass by Spoofing in Booster Booster_For_Woocommerce
CVE-2021-34646 PoC for CVE-2021-34646 Exploit Title: W...
WordPress WooCommerce Booster Plugin 5.4.3 - Authentication Bypass Exploit
Exploit Title: WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass Exploit Author: Sebastian Kriesten 0xB455 Contact: https://twitter.com/0xB455 Affected Plugin: Booster for WooCommerce Plugin Slug: woocommerce-jetpack Vulnerability disclosure:...
WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass
Exploit Title: WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass Date: 2021-09-16 Exploit Author: Sebastian Kriesten 0xB455 Contact: https://twitter.com/0xB455 Affected Plugin: Booster for WooCommerce Plugin Slug: woocommerce-jetpack Vulnerability disclosure:...
CVE-2021-34646
creationtimestamp| type| source ---|---|--- 2021-08-30 22:32:40+00:00| seen| https://t.me/cibsecurity/28026 2021-09-04 14:29:16+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/512 2025-08-31 03:01:08+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d 2025-08-31 03:12:48+00:00|...
CVE-2021-34646
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the processemailverification function due to a random token generation weakness in the resetandmailactivationlink function found in the...
CVE-2021-34646 Booster for WooCommerce <= 5.4.3 Authentication Bypass
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are vulnerable to authentication bypass via the processemailverification function due to a random token generation weakness in the resetandmailactivationlink function found in the...
CVE-2021-34646
The CVE-2021-34646 vulnerability affects Booster for WooCommerce (WordPress plugin) up to version 5.4.3. It enables authentication bypass via process_email_verification due to a weak random token in reset_and_mail_activation_link within includes/class-wcj-emails-verification.php. This allows an a...
Critical Authentication Bypass Vulnerability Patched in Booster for WooCommerce
On July 30, 2021 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability that we discovered in Booster for WooCommerce, a WordPress plugin installed on over 80,000 sites. This flaw made it possible for an attacker to log in as any user, as long as...