CVE-2022-4305
Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Unknown · Login as User or Customerpublic PoCs found — 1
cve_referencewpscan.com/vulnerability/286d972d-7bda-455c-a226-fd9ce5f925bdunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →