2 matches found
CVE-2024-43982
CVE-2024-43982 is a Missing Authorization vulnerability in WordPress plugin Login As Users (Geek Code Lab) affecting versions 1.4.3 and earlier. It enables Broken Access Control leading to account takeover. Remediation per PT-2024-30846: update to version 1.4.4 (or restrict plugin access as a tem...
WordPress Login As Users Plugin <= 1.4.3 is vulnerable to Broken Access Control
Software Login As Users Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43982 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 591007b6910c Credits Ananda Dhakal Patchstack...