Unrated severityNVD Advisory· Published Mar 18, 2021· Updated Aug 3, 2024
MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple
CVE-2021-24148
Description
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/MStore APIdescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/bf5ddc43-974d-41fa-8276-c1a27d3cc882mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.