4 matches found
CVE-2023-2781
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticateuserbyemail in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resendverificationemail function. This allows unauthenticated...
WordPress User Email Verification for WooCommerce Plugin <= 3.5.0 is vulnerable to Broken Authentication
Software User Email Verification for WooCommerce Type Plugin Vulnerable versions = 3.5.0 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-2781 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID 9f959445cfce Credits Lana Cod...
CVE-2023-2781
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticateuserbyemail in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resendverificationemail function. This allows unauthenticated...
CVE-2023-2781
CVE-2023-2781 affects the WordPress plugin User Email Verification for WooCommerce . The vulnerability is an authentication bypass caused by a weak token generation in the resend_verification_email function, enabling unauthenticated attackers to impersonate users and trigger email verification fo...