Lucene search

K

Idehweb Security Vulnerabilities

cve
cve

CVE-2024-32507

Improper Privilege Management vulnerability in Hamid Alinia – idehweb Login with phone number allows Privilege Escalation.This issue affects Login with phone number: from n/a through...

8.8CVSS

6.8AI Score

0.0004EPSS

2024-05-17 09:15 AM
39
cve
cve

CVE-2024-34371

Missing Authorization vulnerability in Hamid Alinia – idehweb Login with phone number.This issue affects Login with phone number: from n/a through...

4.3CVSS

9.3AI Score

0.0004EPSS

2024-05-06 07:15 PM
24
cve
cve

CVE-2024-31424

Cross-Site Request Forgery (CSRF) vulnerability in Hamid Alinia - idehweb Login with phone number.This issue affects Login with phone number: from n/a through...

8.8CVSS

6.9AI Score

0.0004EPSS

2024-04-15 10:15 AM
27
cve
cve

CVE-2023-4916

The Login with phone number plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.6. This is due to missing nonce validation on the 'lwp_update_password_action' function. This makes it possible for unauthenticated attackers to change user password...

8.8CVSS

8.4AI Score

0.001EPSS

2023-09-13 03:15 AM
23
cve
cve

CVE-2022-0598

The Login with phone number WordPress plugin before 1.3.8 does not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is...

4.8CVSS

4.7AI Score

0.001EPSS

2022-08-01 01:15 PM
53
5
cve
cve

CVE-2023-23492

The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the 'ID' parameter of its 'lwp_forgot_password'...

8.8CVSS

8.8AI Score

0.062EPSS

2023-01-20 07:15 PM
32
cve
cve

CVE-2022-0593

The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service...

6.5CVSS

6.6AI Score

0.001EPSS

2022-03-14 03:15 PM
62