Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 4:36 a.m.8 views

CVE-2024-9930

The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS7.1AI score0.00543EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/26 1:58 a.m.10 views

CVE-2024-9930 Extensions by HocWP Team <= 0.2.3.2 - Authentication Bypass

The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS7.1AI score0.00543EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/26 1:58 a.m.20 views

CVE-2024-9930 Extensions by HocWP Team <= 0.2.3.2 - Authentication Bypass

The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2. This is due to missing validation on the user being supplied in the 'verifyemail' action. This makes it possible for unauthenticated attackers to log in as any...

9.8CVSS0.00543EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.10 views

WordPress Extensions by HocWP Team Plugin <= 0.2.3.2 is vulnerable to Broken Authentication

Software Extensions by HocWP Team Type Plugin Vulnerable versions = 0.2.3.2 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9930 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 7d51f78c234b Credit...

9.8CVSS6.5AI score0.00543EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder