CVE-2023-2546

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpusallowusertoadminbarmenu' function with the 'wpuswhoswitch' cookie value. This makes it possible for authenticated...

WordPress WP User Switch plugin <= 1.1.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin WP User Switch versions = 1.1.2...

Authentication flaw

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpusallowusertoadminbarmenu' function with the 'wpuswhoswitch' cookie value. This makes it possible for authenticated...

CVE-2023-2546 WP User Switch <= 1.0.2 - Authenticated (Subscriber+) Authentication Bypass via Cookie

The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.2. This is due to incorrect authentication checking in the 'wpusallowusertoadminbarmenu' function with the 'wpuswhoswitch' cookie value. This makes it possible for authenticated...

WordPress plugin WP User Switch 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress WP User Switch Plugin <= 1.0.2 is vulnerable to Bypass Vulnerability

Software WP User Switch Type Plugin Vulnerable versions = 1.0.2 Fixed in 1.0.3 OWASP Top 10 A2: Broken Authentication Classification Bypass Vulnerability CVE CVE-2023-2546 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID d69f4769545f Credits István Márton Required privile...