CVE-2022-0993
CVE-2022-0993 affects the SiteGround Security WordPress plugin up to version 1.2.5, where an authentication bypass via the 2FA backup code flow allows unauthenticated users to log in as administrators. The root cause is missing identity verification in the 2FA backup code implementation. Impact i...