High severity8.1NVD Advisory· Published Dec 24, 2018· Updated Jun 17, 2026
CVE-2018-20423
CVE-2018-20423
Description
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass a "disabled registration" setting by adding a non-existing wxopenid value to the plugin.php ac=wxregister query string.
Affected products
1Patches
Vulnerability mechanics
References
1- gitee.com/ComsenzDiscuz/DiscuzX/issues/IPRUInvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.