CVE-2022-2350

UNKNOWN 0.0

Disable User Login <= 1.0.1 - Unauthenticated Settings Update

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

The Disable User Login WordPress plugin through 1.0.1 does not have authorisation and CSRF checks when updating its settings, allowing unauthenticated attackers to block (or unblock) users at will.

CWE	CWE-862 CWE-352
Vendor	unknown
Product	disable user login
Published	Oct 10, 2022
Last Updated	Aug 3, 2024

Stay Ahead of the Next One

Get instant alerts for unknown disable user login

Be the first to know when new unknown vulnerabilities affecting unknown disable user login are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Disable User Login

1.0.1 ≤ 1.0.1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/de28543b-c110-4a9f-bfe9-febccfba3a96

Credits

Rafshanzani Suhada