2 matches found
CVE-2024-4393
The Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2. This is due to insufficient verification on the OpenID server being supplied during the social login through the plugin. This makes it possible for unauthenticated attackers to lo...
WordPress Social Connect Plugin <= 1.2 is vulnerable to Privilege Escalation
Software Social Connect Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A8: Software and Data Integrity Failures Classification Privilege Escalation CVE CVE-2024-4393 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID cb56af432b5b Credits István Márton...