ThreatPress

WordPress Vulnerabilities Database

Back

WordPress MainWP Child Plugin <= 2.0.9.1 - Authentication Bypass

Product
MainWP Child
Description
Because of this vulnerability, anyone can log in as an administrator just by knowing the target user’s handle (password bypass).
Solution
Update this plugin.
Classification
Type BYPASS
OWASP Top 10 A2: Broken Authentication and Session Management
References
Blog Sucuri
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.9.1
Fixed In 2.0.9.2
Disclosure date
2015-03-09
Submitter
ThreatPress