Lucene search
K

4 matches found

NVD
NVD
added 2024/10/26 3:15 a.m.12 views

CVE-2024-9931

The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. This is due to missing validation on the token being supplied during the autologin through the plugin. This makes it possible for unauthenticated attackers to log in to the fir...

9.8CVSS0.00543EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/26 1:58 a.m.22 views

CVE-2024-9931 Wux Blog Editor <= 3.0.0 - Authentication Bypass to Administrator

The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. This is due to missing validation on the token being supplied during the autologin through the plugin. This makes it possible for unauthenticated attackers to log in to the fir...

9.8CVSS0.00543EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/26 1:58 a.m.12 views

CVE-2024-9931 Wux Blog Editor <= 3.0.0 - Authentication Bypass to Administrator

The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. This is due to missing validation on the token being supplied during the autologin through the plugin. This makes it possible for unauthenticated attackers to log in to the fir...

9.8CVSS7.2AI score0.00543EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.13 views

WordPress Wux Blog Editor Plugin <= 3.0.0 is vulnerable to Broken Authentication

Software Wux Blog Editor Type Plugin Vulnerable versions = 3.0.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9931 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 140fce8f5a83 Credits István...

9.8CVSS6.5AI score0.00543EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder