Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-24836

Disclosure Date: December 13, 2021 (last updated October 07, 2023)
The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation and CSRF checks when updating its settings, which could allows any logged-in users, such as subscribers to update them
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0