Medialibs

medialibs

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Webo Facto

webo-facto

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-8853 1Medialibs 1Webo Facto Sep 25, 2024 Sep 20, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthe...Show more The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a username that contains '-wfuser'.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-8853

1Medialibs

1Webo Facto

Sep 25, 2024

Sep 20, 2024

N/A· v4

9.8 CRITICAL· v3

N/A· v2

The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it possible for unauthenticated attackers to make themselves administrators by registering with a username that contains '-wfuser'.Show less