4 matches found
CVE-2024-9930
The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...
CVE-2024-9930 Extensions by HocWP Team <= 0.2.3.2 - Authentication Bypass
The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...
CVE-2024-9930 Extensions by HocWP Team <= 0.2.3.2 - Authentication Bypass
The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...
WordPress Extensions by HocWP Team Plugin <= 0.2.3.2 is vulnerable to Broken Authentication
Software Extensions by HocWP Team Type Plugin Vulnerable versions = 0.2.3.2 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9930 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 7d51f78c234b Credit...