Filtered by vendor Mobisoft974
Subscriptions
Filtered by product Relais 2fa
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10245 | 1 Mobisoft974 | 1 Relais 2fa | 2024-11-12 | 9.8 Critical |
| The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. | ||||
Page 1 of 1.