2 matches found
CVE-2024-4611
The AppPresser plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'decryptvalue' and on the 'doCookieAuth' functions in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to log in as any existing user on the sit...
PT-2024-2959 · Ruijie · Ruijie Rg-Nbr700Gw
Name of the Vulnerable Software and Affected Versions: Ruijie RG-NBR700GW version 10.34b12 Description: The issue is related to a lack of cookie verification when resetting the password, resulting in an administrator password reset vulnerability. An attacker can exploit this to log in to the devi...