Login As Customer Or User
by WordPress
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-4305 | Cri | 0.67 | 9.8 | 0.39 | Jan 23, 2023 | The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session. | ||
| CVE-2023-51484 | Cri | 0.64 | 9.8 | 0.01 | Apr 25, 2024 | Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows Privilege Escalation.This issue affects Login as User or Customer (User Switching): from n/a through 3.8. | ||
| CVE-2023-7247 | Med | 0.32 | 4.9 | 0.01 | Mar 11, 2024 | The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site. |
- risk 0.67cvss 9.8epss 0.39
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.
- risk 0.64cvss 9.8epss 0.01
Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows Privilege Escalation.This issue affects Login as User or Customer (User Switching): from n/a through 3.8.
- risk 0.32cvss 4.9epss 0.01
The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site.