PT-2024-39916 · WordPress · User Toolkit
István Márton · Published 2024-10-26 · Updated 2024-10-28 · CVE-2024-9890
CVSS v3.1: 8.8 (High)
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
User Toolkit plugin for WordPress versions up to, and including, 1.2.3
Description
The issue is an improper capability check in the switchUser function, which allows authenticated attackers with subscriber-level permissions and above to bypass authentication and log in as any existing user, including administrators.
Recommendations
For versions up to, and including, 1.2.3, update to a version that fixes the improper capability check in the switchUser function to prevent authentication bypass.
Fix
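The fix the advisory recommends, shown as an added illustration rather than the User Toolkit plugin's own code: a hypothetical WordPress AJAX handler for switching users that gates the switch behind a nonce check and a capability check. The action name, function name, nonce name and `manage_options` capability are assumptions.

```php
<?php
// Hypothetical user-switch handler (illustration, not the plugin's code).
// The capability check in step 2 is the control the advisory describes as
// missing: without it, any authenticated user could obtain another user's session.

add_action( 'wp_ajax_example_switch_user', 'example_switch_user_handler' );

function example_switch_user_handler() {
    // 1. CSRF protection: the request must carry a valid nonce.
    check_ajax_referer( 'example_switch_user', 'nonce' );

    // 2. Capability check: only users allowed to administer the site may switch.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'Insufficient permissions.', 403 );
    }

    // 3. Validate the requested target before touching any session state.
    $target_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    $target    = get_user_by( 'id', $target_id );
    if ( ! $target ) {
        wp_send_json_error( 'Unknown user.', 400 );
    }

    // 4. Audit trail: record who switched to whom before issuing cookies.
    error_log( sprintf( 'user switch: %d -> %d', get_current_user_id(), $target->ID ) );

    // 5. Issue the new session only after every check above has passed.
    wp_clear_auth_cookie();
    wp_set_current_user( $target->ID );
    wp_set_auth_cookie( $target->ID );

    wp_send_json_success( array( 'switched_to' => $target->user_login ) );
}
```

When reviewing a plugin for this class of bug, look for any code path that calls wp_set_auth_cookie() or wp_set_current_user() and confirm a current_user_can() check and a nonce check precede it.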
Weakness Enumeration
Authentication Bypass Using an Alternate Path or Channel
Related Identifiers
Affected Products
User Toolkit