Login With Phone Number Security Vulnerabilities and Issues — Login With Phone Number CVE List

Lucene search

IdehwebLogin With Phone Number

3 matches found

cve•added 2023/01/20 7:15 p.m.•67 views

CVE-2023-23492

The Login with Phone Number WordPress Plugin, version

8.8CVSS8.8AI score0.86984EPSS

Web

cve•added 2024/09/14 1:15 p.m.•48 views

CVE-2024-6482

The Login with phone number plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.7.49. This is due to a lack of validation and missing capability check on user-supplied data in the 'lwp_update_password_action' function. This makes it possible for authen...

8.8CVSS8.7AI score0.00334EPSS

cve•added 2023/09/13 3:15 a.m.•44 views

CVE-2023-4916

The Login with phone number plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.6. This is due to missing nonce validation on the 'lwp_update_password_action' function. This makes it possible for unauthenticated attackers to change user password vi...

8.8CVSS8.4AI score0.00435EPSS