Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:E02E5066-9C22-4235-A61D-74468B67551F
HistoryJun 29, 2023 - 12:00 a.m.

Web3 – Crypto wallet Login & NFT token gating < 2.7.0 - Authentication Bypass

2023-06-2900:00:00
wpscan.com
6
web3
crypto
wallet
nft
token
gating
authentication
bypass
plugin
hidden form data
unauthenticated user
administrator
username
security
vulnerability

EPSS

0.002

Percentile

56.7%

JSON

The plugin does not properly perform authentication in the ‘hidden_form_data’ function, allowing an unauthenticated user to log in as any existing user on the site, such as an administrator, if they have access to the username.

Related

prion 1
nvd 1
cvelist 1
cve 1
wordfence 2
prion
prion
Authentication flaw
2023-06-30 02:15:00
nvd
nvd
CVE-2023-3249
2023-06-30 02:15:09
cvelist
cvelist
CVE-2023-3249
2023-06-30 01:56:18
cve
cve
CVE-2023-3249
2023-06-30 02:15:09
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 26, 2023 to July 2, 2023)
2023-07-06 12:58:56
2023’s Critical WordPress Vulnerabilities and How They Work
2024-02-12 19:11:21

EPSS

0.002

Percentile

56.7%

JSON
Related for WPVDB-ID:E02E5066-9C22-4235-A61D-74468B67551F
prion1nvd1cvelist1cve1wordfence2