ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Apocalypse Meow plugin <=21.2.7 - BCrypt Authentication Bypass vulnerability

Product
Apocalypse Meow
Description
BCrypt Authentication Bypass vulnerability found by Steve (Sc00bzT) in WordPress Apocalypse Meow plugin (versions <=21.2.7).
Solution
Update the WordPress Apocalypse Meow plugin to the latest available version (at least 21.2.8).
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <=21.2.7
Fixed In 21.2.8
Disclosure date
2017-12-04
Credits
Steve
Submitter
ThreatPress