PT-2022-7074 · WordPress · Login As User/Customer

David · Published 2022-12-27 · Updated 2023-01-30 · CVE-2022-4305

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Login as User or Customer WordPress plugin versions prior to 3.3

Description

The issue is related to insufficient authorization checks, which could allow unauthenticated attackers to obtain a valid admin session by logging in as another user. This could impact the integrity, availability, and confidentiality of protected information.

Recommendations

For versions prior to 3.3, update to version 3.3 or later to resolve the issue. As a temporary workaround, consider disabling the plugin until a patch is available. Restrict access to sensitive areas of the WordPress site to minimize the risk of exploitation.

Exploit

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

BDU:2023-07497
CVE-2022-4305

Affected Products

Login As User/Customer