VYPR

Login As Customer Or User

by WordPress

CVEs (3)

  • CVE-2022-4305CriJan 23, 2023
    risk 0.67cvss 9.8epss 0.39

    The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.

  • CVE-2023-51484CriApr 25, 2024
    risk 0.64cvss 9.8epss 0.01

    Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows Privilege Escalation.This issue affects Login as User or Customer (User Switching): from n/a through 3.8.

  • CVE-2023-7247MedMar 11, 2024
    risk 0.32cvss 4.9epss 0.01

    The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site.