VYPR
Unrated severityNVD Advisory· Published Nov 14, 2022· Updated Apr 30, 2025

tagDiv Composer < 3.5 - Unauthenticated Account Takeover

CVE-2022-3477

Description

The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature, allowing unauthenticated attackers to login as any user by just knowing their email address

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.