User Toolkit

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2024-50503	Deryck User Toolkit	Cri	0.64	9.8	0.01		Oct 30, 2024	Authentication Bypass Using an Alternate Path or Channel vulnerability in Deryck User Toolkit user-toolkit allows Authentication Bypass.This issue affects User Toolkit: from n/a through <= 1.2.3.
CVE-2024-9890	WordPress User Toolkit	Hig	0.51	8.8	0.01		Oct 26, 2024	The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3. This is due to an improper capability check in the 'switchUser' function. This makes it possible for authenticated attackers, with subscriber-level permissions…

CVE-2024-50503CriOct 30, 2024
Deryck
User Toolkit
risk 0.64cvss 9.8epss 0.01
Authentication Bypass Using an Alternate Path or Channel vulnerability in Deryck User Toolkit user-toolkit allows Authentication Bypass.This issue affects User Toolkit: from n/a through <= 1.2.3.
CVE-2024-9890HigOct 26, 2024
WordPress
User Toolkit
risk 0.51cvss 8.8epss 0.01
The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3. This is due to an improper capability check in the 'switchUser' function. This makes it possible for authenticated attackers, with subscriber-level permissions…