VYPR

Wordable

by Wordable

Source repositories

CVEs (1)

  • CVE-2020-36724CriJun 7, 2023
    risk 0.57cvss 9.8epss 0.02

    The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.1.1. This is due to the use of a user supplied hashing algorithm passed to the hash_hmac() function and the use of a loose comparison on the hash which allows an attacker…