VYPR

Pedalo Connector

by WordPress

CVEs (1)

  • CVE-2024-9822CriOct 11, 2024
    risk 0.64cvss 9.8epss 0.01

    The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.5. This is due to insufficient restriction on the 'login_admin_user' function. This makes it possible for unauthenticated attackers to log to the first user,…