6 matches found
WordPress Web3 – Crypto wallet Login & NFT token gating Plugin < 3.0.0 is vulnerable to Broken Authentication
Software Web3 – Crypto wallet Login & NFT token gating Type Plugin Vulnerable versions 3.0.0 Fixed in 3.0.0 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-6036 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID 9bc7bba9b677 Credits...
CVE-2023-6036 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site,...
CVE-2023-6036 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site,...
CVE-2023-6036
CVE-2023-6036 affects the Web3 WordPress plugin before 3.0.0. The root cause is incorrect authentication checking in the login flow, specifically in the functions "handle_auth_request" and "handle_login_request" (note: some sources spell the second as 'hadle_login_request'). This enables an unaut...
CVE-2023-6036
creationtimestamp| type| source ---|---|--- 2024-02-01 11:03:14+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9891 2024-02-01 15:08:01+00:00| published-proof-of-concept| Telegram/bOqPtzHEO1ZVbaDJKoLdYxD4kMdbp1u8MWZoepA-pgrQ 2024-02-12 17:21:58+00:00| seen|...
Exploit for Incorrect Authorization in Miniorange Web3_-_Crypto_Wallet_Login_\&_Nft_Token_Gating
CVE-2023-6036 POC about Wordpress plugin Web3 – Crypto wallet...