CVE-2018-11678

Name of the Vulnerable Software and Affected Versions Monstra CMS version 3.0.4

Description The issue allows for Login Rate Limiting Bypass via manipulation of the login attempts cookie in the plugins/box/users/users.plugin.php file.

Recommendations For Monstra CMS version 3.0.4, consider temporarily restricting access to the login functionality until a patch is available. As a workaround, monitor and limit login attempts through alternative means to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.