Lucene search
K

4 matches found

NVD
NVD
added 2024/10/01 8:15 a.m.13 views

CVE-2024-9106

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing...

9.8CVSS0.0171EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/10/01 7:30 a.m.20 views

CVE-2024-9106 Wechat Social login <= 1.3.0 - Authentication Bypass

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing...

9.8CVSS7.1AI score0.0171EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/10/01 7:30 a.m.25 views

CVE-2024-9106 Wechat Social login <= 1.3.0 - Authentication Bypass

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.3.0. This is due to insufficient verification on the user being supplied during the social login. This makes it possible for unauthenticated attackers to log in as any existing...

9.8CVSS0.0171EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/10/01 12:0 a.m.16 views

WordPress Wechat Social login Plugin <= 1.3.0 is vulnerable to Broken Authentication

Software Wechat Social login Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9106 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 26efb59ee707 Credits Istvá...

9.8CVSS6.6AI score0.0171EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder