Lucene search
K

4 matches found

OSV
OSV
added 2023/06/30 2:15 a.m.4 views

CVE-2023-3249

The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hiddenformdata' function. This makes it possible for authenticated attackers to log in as...

9.8CVSS7.3AI score0.01108EPSS
Exploits0References2
CVE
CVE
added 2023/06/30 1:56 a.m.47 views

CVE-2023-3249

The WordPress plugin Web3 – Crypto wallet Login & NFT token gating (Web3 authentication) is affected by CVE-2023-3249. Affected versions up to and including 2.6.0 suffer an authentication bypass due to an incorrect check in the hidden_form_data routine, allowing an authenticated attacker to log i...

9.8CVSS9.3AI score0.01108EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/06/30 1:56 a.m.27 views

CVE-2023-3249 Web3 – Crypto wallet Login & NFT token gating <= 2.6.0 - Authentication Bypass

The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.6.0. This is due to incorrect authentication checking in the 'hiddenformdata' function. This makes it possible for authenticated attackers to log in as...

9.8CVSS9.6AI score0.01108EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/06/30 12:0 a.m.14 views

WordPress Web3 – Crypto wallet Login & NFT token gating Plugin <= 2.6.0 is vulnerable to Bypass Vulnerability

Software Web3 – Crypto wallet Login & NFT token gating Type Plugin Vulnerable versions = 2.6.0 Fixed in 2.7.0 OWASP Top 10 A2: Broken Authentication Classification Bypass Vulnerability CVE CVE-2023-3249 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 137db20e70bb Credits...

9.8CVSS6.5AI score0.01108EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder