ThreatPress

WordPress Vulnerabilities Database

Back

InfiniteWP Admin Panel 2.8.0 - authorization bypass

Product
InfiniteWP Admin Panel
Description
InfiniteWP Admin Panel version 2.8.0 has vulnerable authentication method.
Solution
Update InfiniteWP Admin Panel plugin at least to 2.9.0 version
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Summer of Pwnage hacker event
CVE
Name CVE-N/A
Versions
Affected In 2.8.0
Fixed In 2.9.0
Disclosure date
2016-07-31
Credits
Summer of Pwnage hacker event