Critical severity9.8NVD Advisory· Published Jan 23, 2023· Updated Jun 17, 2026
CVE-2022-4305
CVE-2022-4305
Description
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <3.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/286d972d-7bda-455c-a226-fd9ce5f925bdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.