Unrated severityNVD Advisory· Published Feb 6, 2020· Updated Aug 4, 2024
CVE-2020-8772
CVE-2020-8772
Description
The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in.
Affected products
2- WordPress/InfiniteWP Client plugindescription
- Range: <1.9.4.5
Patches
Vulnerability mechanics
References
2- wpvulndb.com/vulnerabilities/10011mitrex_refsource_MISC
- www.webarxsecurity.com/vulnerability-infinitewp-client-wp-time-capsule/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.