Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1
CVE-2024-9861
- EPSS 0.14%
- Veröffentlicht 17.10.2024 02:15:03
- Zuletzt bearbeitet 28.01.2025 18:56:36
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.6.0. This is due to missing validation on the token being supplied during the otp login through the plugin. ...
9.8
CVE-2024-9862
- EPSS 0.33%
- Veröffentlicht 17.10.2024 02:15:03
- Zuletzt bearbeitet 28.01.2025 18:57:49
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 3.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass a...
1