5 matches found
CVE-2024-13182
The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpparserequest' function. This makes it possible for unauthenticated attackers to log in as any existing user on the...
CVE-2024-13182
The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpparserequest' function. This makes it possible for unauthenticated attackers to log in as any existing user on the...
CVE-2024-13182
creationtimestamp| type| source ---|---|--- 2025-02-13 12:56:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113996684417836846 2025-02-13 13:15:23+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li2rgvq6iq2a 2025-02-13 14:34:39+00:00| seen|...
CVE-2024-13182
CVE-2024-13182 affects the WordPress plugin WP Directorybox Manager for WordPress, affecting versions up to 2.5. The root cause is an incorrect authentication in the wp_dp_parse_request function, enabling unauthenticated attackers to log in as any existing user (including administrators). The con...
CVE-2024-13182 WP Directorybox Manager <= 2.5 - Authentication Bypass
The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wpdpparserequest' function. This makes it possible for unauthenticated attackers to log in as any existing user on the...