RSS   Vulnerabilities for 'Wp time capsule'   RSS

2020-02-06
 
CVE-2020-8771

CWE-287
 

 
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.

 


Copyright 2024, cxsecurity.com

 

Back to Top