3 matches found
CVE-2024-9988 Crypto <= 2.19 - Authentication Bypass via register
The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.19. This is due to missing validation on the user being supplied in the 'cryptoconnectajaxprocess::register' function. This makes it possible for unauthenticated attackers to log in as any...
CVE-2024-9988 Crypto <= 2.19 - Authentication Bypass via register
The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.19. This is due to missing validation on the user being supplied in the 'cryptoconnectajaxprocess::register' function. This makes it possible for unauthenticated attackers to log in as any...
WordPress Crypto Plugin <= 2.18 is vulnerable to Broken Authentication
Software Crypto Type Plugin Vulnerable versions = 2.18 Fixed in 2.19 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9988 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 4336600a033e Credits István Márton...