Published on: Not Yet Published
Last Modified on: 01/23/2023 05:17:00 PM UTC
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.
- CVE-2022-4305 has been assigned by [email protected] to track the vulnerability
- Affected Vendor/Software: Unknown - Login as User or Customer version = 0
|Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin WordPress Security Vulnerability|| web.archive.org |
Inactive LinkNot Archived